CVE-2018-12979
published 2018-07-12CVE-2018-12979: An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. Weak permissions allow an authenticated user to…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
EXPLOIT
An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. Weak permissions allow an authenticated user to overwrite critical files by abusing the unrestricted file upload in the WBM.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wago | 762-3000_firmware | < 02 | 02 |
| wago | 762-3001_firmware | < 02 | 02 |
| wago | 762-3002_firmware | < 02 | 02 |
| wago | 762-3003_firmware | < 02 | 02 |