mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 02:45:46 +02:00
0xMarcio
914 B
914 B
CVE-2019-5171
Description
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send specially crafted packet at 0x1ea48 to the extracted hostname value from the xml file that is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=enabled ip-address= using sprintf().
POC
Reference
Github
No PoCs found on GitHub currently.