VYPR

iocheckd

by Wago

CVEs (4)

  • CVE-2019-5181HigMar 12, 2020
    risk 0.51cvss 7.8epss 0.01

    An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can cause a stack buffer…

  • CVE-2019-5170HigMar 12, 2020
    risk 0.51cvss 7.8epss 0.01

    An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An…

  • CVE-2019-5166HigMar 11, 2020
    risk 0.51cvss 7.8epss 0.01

    An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in…

  • CVE-2019-5185HigMar 23, 2020
    risk 0.46cvss 7.0epss 0.01

    An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted state value from the xml…