CVE-2019-5161
N/A
N/A
Summary
An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Wago | WAGO PFC200 Firmware | version 03.02.02(14) | affected |
| Wago | WAGO PFC200 Firmware | version 03.01.07(13) | affected |
| Wago | WAGO PFC200 Firmware | version 03.00.39(12) | affected |
Weaknesses
- remote code execution
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.