CVE-2021-21001

Name of the Vulnerable Software and Affected Versions WAGO PFC200 devices (affected versions not specified)

Description The issue is related to the WAGO PFC200 devices, where an authorized attacker with network access can access the file system with higher privileges using specially crafted packets. This is due to incorrect restriction of the path name to a directory with limited access. The exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.