PT-2019-15271 · Wago · Wago Series Pfc200+1
Nico Jansen
·
Publicado
2019-10-19
·
Atualizado
2023-03-13
·
CVE-2019-18202
CVSS v3.1
5.8
Média
| Vetor | AC:L/AV:N/A:N/C:L/I:N/PR:N/S:C/UI:N |
Name of the Vulnerable Software and Affected Versions
WAGO Series PFC100 and PFC200 devices versions prior to FW12
Description
The issue allows for Information Disclosure due to improper access control. A remote attacker can exploit this by sending crafted HTTP requests to check for the existence of paths and file names.
Recommendations
For WAGO Series PFC100 and PFC200 devices versions prior to FW12, update to FW12 or later to resolve the issue. As a temporary workaround, consider restricting access to the devices to minimize the risk of exploitation.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Wago Series Pfc100
Wago Series Pfc200