mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 17:22:02 +00:00
887 B
887 B
CVE-2019-5156
Description
An exploitable command injection vulnerability exists in the cloud connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). An attacker can inject operating system commands into the TimeoutPrepared parameter value contained in the firmware update command.
POC
Reference
- https://talosintelligence.com/vulnerability_reports/TALOS-2019-0949
- https://talosintelligence.com/vulnerability_reports/TALOS-2019-0949
Github
No PoCs found on GitHub currently.