cve/2020/CVE-2020-12522.md

### [CVE-2020-12522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12522)
![](https://img.shields.io/static/v1?label=Product&message=Series%20PFC%20100%20(750-81xx%2Fxxx-xxx)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Series%20PFC%20200%20(750-82xx%2Fxxx-xxx)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Series%20Wago%20Touch%20Panel%20600%20Advanced%20Line%20(762-5xxx)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Series%20Wago%20Touch%20Panel%20600%20Marine%20Line%20(762-6xxx)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Series%20Wago%20Touch%20Panel%20600%20Standard%20Line%20(762-4xxx)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=FW1%3C%3D%20FW10%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20OS%20Command%20Injection&color=brighgreen)

### Description

The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.

### POC

#### Reference
- https://cert.vde.com/en-us/advisories/vde-2020-045
- https://cert.vde.com/en-us/advisories/vde-2020-045

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-12522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12522)`
			`![](https://img.shields.io/static/v1?label=Product&message=Series%20PFC%20100%20(750-81xx%2Fxxx-xxx)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Series%20PFC%20200%20(750-82xx%2Fxxx-xxx)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Series%20Wago%20Touch%20Panel%20600%20Advanced%20Line%20(762-5xxx)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Series%20Wago%20Touch%20Panel%20600%20Marine%20Line%20(762-6xxx)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Series%20Wago%20Touch%20Panel%20600%20Standard%20Line%20(762-4xxx)&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=FW1%3C%3D%20FW10%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20OS%20Command%20Injection&color=brighgreen)`

			`### Description`

			`The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10.`

			`### POC`

			`#### Reference`
			`- https://cert.vde.com/en-us/advisories/vde-2020-045`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://cert.vde.com/en-us/advisories/vde-2020-045`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`#### Github`
			`No PoCs found on GitHub currently.`