|
218701
|
7.8 |
HIGH
Local
|
wago
|
e\!cockpit
|
An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5. A specially crafted firmware update file can al…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-5158
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218702
|
7.2 |
HIGH
Network
|
wago
|
pfc200_firmware
|
An exploitable command injection vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). An attacker can inject OS …
|
CWE-78
OS Command
|
CVE-2019-5157
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218703
|
7.8 |
HIGH
Local
|
wago
|
pfc200_firmware
|
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a s…
|
CWE-78
OS Command
|
CVE-2019-5173
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218704
|
7.8 |
HIGH
Local
|
wago
|
pfc200_firmware
|
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet t…
|
CWE-78
OS Command
|
CVE-2019-5172
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218705
|
7.8 |
HIGH
Local
|
wago
|
pfc200_firmware
|
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). At 0x1e3f0 the extracted dns value from the xml file is us…
|
CWE-78
OS Command
|
CVE-2019-5167
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218706
|
9.1 |
CRITICAL
Network
|
wago
|
pfc200_firmware
|
An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). A specially crafted…
|
NVD-CWE-noinfo
|
CVE-2019-5160
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218707
|
7.8 |
HIGH
Local
|
wago
|
e\!cockpit
|
An exploitable improper input validation vulnerability exists in the firmware update functionality of WAGO e!COCKPIT automation software v1.6.0.7. A specially crafted firmware update file can allow a…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-5159
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218708
|
7.2 |
HIGH
Network
|
wago
|
pfc200_firmware
|
An exploitable command injection vulnerability exists in the cloud connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). An attacker can inject operating sy…
|
CWE-78
OS Command
|
CVE-2019-5156
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218709
|
7.2 |
HIGH
Network
|
wago
|
pfc200_firmware
|
An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in …
|
CWE-78
OS Command
|
CVE-2019-5155
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218710
|
5.3 |
MEDIUM
Network
|
wago
|
pfc200_firmware
pfc100_firmware
|
An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management (WBM) web application on WAGO PFC100/200 controllers. The WBM application makes …
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2019-5135
|
2024-11-21 13:44 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
