CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5181
https://notcve.org/view.php?id=CVE-2019-5181
11 Mar 2020 — An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any subnetmask values that are ... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5180
https://notcve.org/view.php?id=CVE-2019-5180
11 Mar 2020 — An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any ip values that are greater than 1024-len(‘/etc/config-tools/config_interfaces interface=X1 state=enabled ip-address=‘) in length. A ip value of length 0x3da will cause the... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5179
https://notcve.org/view.php?id=CVE-2019-5179
11 Mar 2020 — An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. Se presenta una vulnerabilidad de desbordamiento del búfer de la pila explotable en la funcionalidad "I-O-Check" del servicio iocheckd de WAGO PFC 200 versiones de Firmware 03.02.02(14). Un atacante puede enviar un paquete especialmente diseñado para a... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5178
https://notcve.org/view.php?id=CVE-2019-5178
11 Mar 2020 — An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any hostname values that are greater than 1024-len(‘/etc/config-tools/change_hostname hostname=‘) in length. A hostname value of length 0x3fd will cause the service to crash. ... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5177
https://notcve.org/view.php?id=CVE-2019-5177
11 Mar 2020 — An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). The destination buffer sp+0x440 is overflowed with the call to sprintf() for any domainname values that are greater than 1024-len(‘/etc/config-tools/edit_dns_server domain-name=‘) in length. A domainname value of length 0x3fa will cause the service to crash. Se presenta una vulnerabilidad de desbordamiento del búfer de la pila explotable en ... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5176
https://notcve.org/view.php?id=CVE-2019-5176
11 Mar 2020 — An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x40 is overflowed with the call to sprintf() for any gateway values that are greater than 512-len(‘/etc/config-tools/config_default_gateway number=0 state=enabled value=‘) in length. A gateway value of length 0x7e2 will cause ... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0963 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5171
https://notcve.org/view.php?id=CVE-2019-5171
11 Mar 2020 — An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send specially crafted packet at 0x1ea48 to the extracted hostname value from the xml file that is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=enabled ip-address=
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5170
https://notcve.org/view.php?id=CVE-2019-5170
11 Mar 2020 — An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1e87c the extracted hostname value from the xml file is used as an argument to /etc/config-tools/change_hostname hostname=
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5169
https://notcve.org/view.php?id=CVE-2019-5169
11 Mar 2020 — An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e900 the extracted gateway value from the xml file is used as an argument to /etc/config-tools/config_default_gateway number=0 state=enabled value=
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5174
https://notcve.org/view.php?id=CVE-2019-5174
11 Mar 2020 — An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1e9fc the extracted subnetmask value from the xml file is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=enabled subnet-mask=