Wago: >> Pfc200 Firmware >> 03.03.10(15) Security Vulnerabilities
Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges.
CVSS Score
5.3
EPSS Score
0.0
Published
2023-11-20
An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality of WAGO PFC 200 03.03.10(15). A specially crafted series of HTTP requests can cause code execution resulting in remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVSS Score
7.2
EPSS Score
0.012
Published
2020-06-11