Unrated severityNVD Advisory· Published Mar 10, 2020· Updated Aug 4, 2024
CVE-2019-5160
CVE-2019-5160
Description
An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized access to firmware update functionality. An attacker can send an authenticated HTTPS POST request to direct the Cloud Connectivity software to connect to an attacker controlled Azure IoT Hub node.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: version 03.02.02(14)
Patches
Vulnerability mechanics
References
1- talosintelligence.com/vulnerability_reports/TALOS-2019-0953mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.