CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 1CVE-2019-5082
https://notcve.org/view.php?id=CVE-2019-5082
08 Jan 2020 — An exploitable heap buffer overflow vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC200 Firmware version 03.01.07(13), WAGO PFC200 Firmware version 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento del búfer de la pila explotable en la fun... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0874 • CWE-787: Out-of-bounds Write •
CVSS: 9.4EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5078
https://notcve.org/view.php?id=CVE-2019-5078
18 Dec 2019 — An exploitable denial of service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a denial of service, resulting in the device entering an error state where it ceases all network communications. An attacker can send unauthenticated packets to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio explot... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0870 • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 1CVE-2019-5075
https://notcve.org/view.php?id=CVE-2019-5075
18 Dec 2019 — An exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets sent to the iocheckd service "I/O-Check" can cause a stack buffer overflow in the sub-process getcouplerdetails, resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. Se presenta una vulnerabilidad de desbordami... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0864 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 1CVE-2019-5073
https://notcve.org/view.php?id=CVE-2019-5073
18 Dec 2019 — An exploitable information exposure vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause an external tool to fail, resulting in uninitialized stack data to be copied to the response packet buffer. An attacker can send unauthenticated packets to trigger this vulnerability. Se presenta una vulnerabilidad de exposición a la información exp... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0862 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5080
https://notcve.org/view.php?id=CVE-2019-5080
18 Dec 2019 — An exploitable denial-of-service vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A single packet can cause a denial of service and weaken credentials resulting in the default documented credentials being applied to the device. An attacker can send an unauthenticated packet to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio explotable en l... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0872 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 1CVE-2019-5079
https://notcve.org/view.php?id=CVE-2019-5079
18 Dec 2019 — An exploitable heap buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento del búfer de la pila explotable en la funcionalidad "I/O-Ch... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0871 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 2CVE-2019-5081
https://notcve.org/view.php?id=CVE-2019-5081
18 Dec 2019 — An exploitable heap buffer overflow vulnerability exists in the iocheckd service ''I/O-Chec'' functionality of WAGO PFC 200 Firmware version 03.01.07(13) and 03.00.39(12), and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento del búfer de la pila explotable en la funcionalidad ''I/O-... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0873 • CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5077
https://notcve.org/view.php?id=CVE-2019-5077
18 Dec 2019 — An exploitable denial-of-service vulnerability exists in the iocheckd service ‘’I/O-Chec’’ functionality of WAGO PFC 200 Firmware versions 03.01.07(13) and 03.00.39(12), and WAGO PFC 100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a denial of service, resulting in the device entering an error state where it ceases all network communications. An attacker can send unauthenticated packets to trigger this vulnerability. Existe una vulnerabilidad de denegación de servicio explotab... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0869 • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2019-5074
https://notcve.org/view.php?id=CVE-2019-5074
18 Dec 2019 — An exploitable stack buffer overflow vulnerability exists in the iocheckd service ''I/O-Check'' functionality of WAGO PFC200 Firmware version 03.01.07(13), WAGO PFC200 Firmware version 03.00.39(12) and WAGO PFC100 Firmware version 03.00.39(12). A specially crafted set of packets can cause a stack buffer overflow, resulting in code execution. An attacker can send unauthenticated packets to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento del búfer de la pila explotable en la funci... • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0863 • CWE-787: Out-of-bounds Write •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-18202
https://notcve.org/view.php?id=CVE-2019-18202
19 Oct 2019 — Information Disclosure is possible on WAGO Series PFC100 and PFC200 devices before FW12 due to improper access control. A remote attacker can check for the existence of paths and file names via crafted HTTP requests. Una divulgación de información es posible en los dispositivos WAGO Series PFC100 y PFC200 versiones anteriores a FW12, debido a un control de acceso inapropiado. Un atacante remoto puede comprobar la existencia de rutas y nombres de archivos por medio de peticiones HTTP diseñadas. • https://cert.vde.com/de-de/advisories/vde-2019-017 •