Vulnerabilities > Wago > High

DATE CVE VULNERABILITY TITLE RISK
2020-03-11 CVE-2019-5174 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14).
local
low complexity
wago CWE-78
7.8
2020-03-11 CVE-2019-5173 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14).
local
low complexity
wago CWE-78
7.8
2020-03-11 CVE-2019-5172 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14).
local
low complexity
wago CWE-78
7.8
2020-03-11 CVE-2019-5168 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14).
local
low complexity
wago CWE-78
7.8
2020-03-11 CVE-2019-5167 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14).
local
low complexity
wago CWE-78
7.8
2020-03-11 CVE-2019-5166 Out-of-bounds Write vulnerability in Wago Pfc200 Firmware 03.02.02(14)
An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 version 03.02.02(14).
local
low complexity
wago CWE-787
7.8
2020-03-11 CVE-2019-5159 Exposure of Resource to Wrong Sphere vulnerability in Wago E!Cockpit 1.6.0.7
An exploitable improper input validation vulnerability exists in the firmware update functionality of WAGO e!COCKPIT automation software v1.6.0.7.
local
low complexity
wago CWE-668
7.8
2020-03-11 CVE-2019-5158 Use of Hard-coded Credentials vulnerability in Wago E!Cockpit 1.6.1.5
An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5.
local
low complexity
wago CWE-798
7.8
2020-03-11 CVE-2019-5157 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14)
An exploitable command injection vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12).
network
low complexity
wago CWE-78
7.2
2020-03-11 CVE-2019-5156 OS Command Injection vulnerability in Wago Pfc200 Firmware 03.00.39(12)/03.01.07(13)/03.02.02(14)
An exploitable command injection vulnerability exists in the cloud connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12).
network
low complexity
wago CWE-78
7.2