Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-5157

An exploitable command injection vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). An attacker can inject OS commands into the TimeoutUnconfirmed parameter value contained in the Firmware Update command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.029
EPSS Ranking 85.6%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
Products affected by CVE-2019-5157
  • Wago » Pfc200 » Version: N/A
    cpe:2.3:h:wago:pfc200:-
  • Wago » Pfc200 Firmware » Version: 03.00.39(12)
    cpe:2.3:o:wago:pfc200_firmware:03.00.39(12)
  • Wago » Pfc200 Firmware » Version: 03.01.07(13)
    cpe:2.3:o:wago:pfc200_firmware:03.01.07(13)
  • Wago » Pfc200 Firmware » Version: 03.02.02(14)
    cpe:2.3:o:wago:pfc200_firmware:03.02.02(14)


Products
Pricing
Contact Us

Shodan ® - All rights reserved