Vulnerabilities > CVE-2015-6473 - 7PK - Security Features vulnerability in Wago 750-849 Firmware and 758-870 Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 3 | |
Hardware | 2 |
Common Weakness Enumeration (CWE)
Packetstorm
data source | https://packetstormsecurity.com/files/download/136077/wago-credsprivdisclose.txt |
id | PACKETSTORM:136077 |
last seen | 2016-12-05 |
published | 2016-03-04 |
reporter | Karn Ganeshen |
source | https://packetstormsecurity.com/files/136077/WAGO-IO-PLC-758-870-750-849-Credential-Management-Privilege-Separation.html |
title | WAGO IO PLC 758-870 / 750-849 Credential Management / Privilege Separation |
References
- http://packetstormsecurity.com/files/136077/WAGO-IO-PLC-758-870-750-849-Credential-Management-Privilege-Separation.html
- http://packetstormsecurity.com/files/136077/WAGO-IO-PLC-758-870-750-849-Credential-Management-Privilege-Separation.html
- http://seclists.org/fulldisclosure/2016/Mar/4
- http://seclists.org/fulldisclosure/2016/Mar/4
- http://www.securityfocus.com/bid/84138
- http://www.securityfocus.com/bid/84138