Vulnerabilities > Wago > Pfc200 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-20 | CVE-2023-3379 | Incorrect Authorization vulnerability in Wago products Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges. | 5.3 |
| 2023-02-27 | CVE-2022-45137 | Cross-site Scripting vulnerability in Wago products The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser. | 6.1 |
| 2023-02-27 | CVE-2022-45139 | Origin Validation Error vulnerability in Wago products A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver. | 5.3 |
| 2023-01-19 | CVE-2022-3738 | Missing Authentication for Critical Function vulnerability in Wago products The vulnerability allows a remote unauthenticated attacker to download a backup file, if one exists. | 5.9 |
| 2020-03-23 | CVE-2019-5186 | Classic Buffer Overflow vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. | 4.4 |
| 2020-03-23 | CVE-2019-5185 | Classic Buffer Overflow vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. | 4.4 |
| 2020-03-23 | CVE-2019-5184 | Double Free vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable double free vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. | 4.6 |
| 2020-03-12 | CVE-2019-5181 | Out-of-bounds Write vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). | 4.6 |
| 2020-03-12 | CVE-2019-5180 | Out-of-bounds Write vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). | 4.6 |
| 2020-03-12 | CVE-2019-5179 | Out-of-bounds Write vulnerability in Wago Pfc200 Firmware 03.02.02(14) An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). | 4.6 |