Vulnerabilities > CVE-2019-18202 - Unspecified vulnerability in Wago PFC Firmware

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

wago

NVD

Published: 2019-10-19

Updated: 2023-03-13

Summary

Information Disclosure is possible on WAGO Series PFC100 and PFC200 devices before FW12 due to improper access control. A remote attacker can check for the existence of paths and file names via crafted HTTP requests.

Vulnerable Configurations

Part	Description	Count
OS	Wago Wago PFC Firmware *	1
Hardware	Wago Wago Pfc100 - Wago Pfc200 -	2

References

https://cert.vde.com/de-de/advisories/vde-2019-017