CVE-2019-5170
Description
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e87c the extracted hostname value from the XML file is used as an argument to /etc/config-tools/change_hostname hostname= using sprintf(). This command is later executed via a call to system().
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Command injection in WAGO PFC 200 iocheckd service allows local attackers to execute arbitrary OS commands as root via a crafted XML cache file.
Vulnerability
The iocheckd service's I/O-Check function in WAGO PFC 200 firmware version 03.02.02(14) parses an XML cache file stored at /tmp/iocheckCache.xml. The hostname node value is extracted and used unsanitized in a sprintf() call to build a command string that is later executed via system(). The cache file is globally writable, allowing any local user to write a malicious XML file [1].
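The hardened form of the sprintf()/system() pattern described above, as an added example (not WAGO's code or a vendor patch): the hostname is validated against an allowlist and passed to the config tool as a single argv element with no shell involved. The function names and the single-label RFC 1123 policy are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define HOSTNAME_MAX 63 /* one RFC 1123 label; assumed policy */

static int is_label_char(char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '-';
}

/* Allowlist check: 1..63 chars of [A-Za-z0-9-], no leading/trailing '-'. */
int hostname_is_valid(const char *h)
{
    size_t n = h ? strlen(h) : 0;
    if (n == 0 || n > HOSTNAME_MAX) return 0;
    if (h[0] == '-' || h[n - 1] == '-') return 0;
    for (size_t i = 0; i < n; i++)
        if (!is_label_char(h[i])) return 0;
    return 1;
}

/* Build "hostname=<value>" as ONE argument; -1 if invalid or truncated. */
int build_hostname_arg(const char *h, char *out, size_t outlen)
{
    if (!hostname_is_valid(h)) return -1;
    int n = snprintf(out, outlen, "hostname=%s", h);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Run the config tool via execv(): no shell ever parses the value. */
int change_hostname(const char *h)
{
    char arg[sizeof("hostname=") + HOSTNAME_MAX];
    if (build_hostname_arg(h, arg, sizeof arg) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *argv[] = { "/etc/config-tools/change_hostname", arg, NULL };
        execv(argv[0], argv);
        _exit(127); /* exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}
```

Validation and shell-free execution are independent layers: either one alone stops the value from being interpreted as a command, and keeping both means a later change to one does not reopen the bug.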
Exploitation
An attacker with local access to the device writes a specially crafted XML file to /tmp/iocheckCache.xml containing OS command injection in the hostname field. The vulnerability is triggered by sending a BC_SaveParameter message, which causes the iocheckd service to parse the cache file and execute the injected commands. No additional authentication is required beyond the ability to write to /tmp [1].
Impact
Successful exploitation results in arbitrary OS command execution as the root user, leading to full compromise of the device's confidentiality, integrity, and availability. The attacker gains complete control over the controller [1].
Mitigation
As of the publication date (2020-03-11), no official patch has been disclosed in the available reference. Users should restrict local access to the device, monitor vendor advisories for updates, and consider network segmentation to limit exposure [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
References: 1
[1] talosintelligence.com/vulnerability_reports/TALOS-2019-0962 (mitre, x_refsource_MISC)