VYPR

PFC200

by Wago

CVEs (17)

  • CVE-2023-1698May 15, 2023
    Wago
    PFC200
    risk 0.08cvss epss 0.94

    In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.

  • CVE-2023-4089Oct 17, 2023
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than expected.

  • CVE-2021-21001May 24, 2021
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges.

  • CVE-2021-21000May 24, 2021
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime.

  • CVE-2019-5181Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can cause a stack buffer…

  • CVE-2019-5180Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination…

  • CVE-2019-5179Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file.

  • CVE-2019-5178Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination…

  • CVE-2019-5177Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). The destination buffer sp+0x440 is overflowed with the call to sprintf() for any domainname values that…

  • CVE-2019-5176Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination…

  • CVE-2019-5171Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send specially crafted packet at 0x1ea48 to the extracted hostname value from the xml file that is used as an…

  • CVE-2019-5170Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An…

  • CVE-2019-5169Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An…

  • CVE-2019-5175Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An…

  • CVE-2019-5172Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e840 the extracted ntp value…

  • CVE-2019-5173Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An…

  • CVE-2019-5182Mar 11, 2020
    Wago
    PFC200
    risk 0.00cvss epss 0.00

    An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination…