Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-5156

An exploitable command injection vulnerability exists in the cloud connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). An attacker can inject operating system commands into the TimeoutPrepared parameter value contained in the firmware update command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.029
EPSS Ranking 85.6%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
Products affected by CVE-2019-5156
  • Wago » Pfc200 » Version: N/A
    cpe:2.3:h:wago:pfc200:-
  • Wago » Pfc200 Firmware » Version: 03.00.39(12)
    cpe:2.3:o:wago:pfc200_firmware:03.00.39(12)
  • Wago » Pfc200 Firmware » Version: 03.01.07(13)
    cpe:2.3:o:wago:pfc200_firmware:03.01.07(13)
  • Wago » Pfc200 Firmware » Version: 03.02.02(14)
    cpe:2.3:o:wago:pfc200_firmware:03.02.02(14)


Products
Pricing
Contact Us

Shodan ® - All rights reserved