Vulnerabilities > Wago

DATE CVE VULNERABILITY TITLE RISK
2020-03-11 CVE-2019-5174 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14).
local
low complexity
wago CWE-78
7.2
7.2
2020-03-11 CVE-2019-5173 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14).
local
low complexity
wago CWE-78
7.2
7.2
2020-03-11 CVE-2019-5172 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14).
local
low complexity
wago CWE-78
7.2
7.2
2020-03-11 CVE-2019-5168 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14).
local
low complexity
wago CWE-78
7.2
7.2
2020-03-11 CVE-2019-5167 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14).
local
low complexity
wago CWE-78
7.2
7.2
2020-03-11 CVE-2019-5166 Classic Buffer Overflow vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 version 03.02.02(14).
local
low complexity
wago CWE-120
4.6
4.6
2020-03-11 CVE-2019-5161 Insufficient Verification of Data Authenticity vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14)
An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12).
network
low complexity
wago CWE-345
critical
 9.0
9.0
2020-03-11 CVE-2019-5160 Improper Input Validation vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14)
An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12).
network
low complexity
wago CWE-20
6.5
6.5
2020-03-11 CVE-2019-5159 Improper Input Validation vulnerability in Wago E!Cockpit 1.6.0.7
An exploitable improper input validation vulnerability exists in the firmware update functionality of WAGO e!COCKPIT automation software v1.6.0.7.
network
wago CWE-20
6.8
6.8
2020-03-11 CVE-2019-5158 Use of Hard-coded Credentials vulnerability in Wago E!Cockpit 1.6.1.5
An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5.
network
wago CWE-798
4.3
4.3