CVE-2019-5167

CWE-78 — OS Command Injection3 documents3 sources

Severity

7.8HIGH

EPSS

0.5%

top 32.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wago Wago Pfc200 Firmware Wago Pfc200 Firmware

Timeline

PublishedMar 11

Latest updateMay 24

Description

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/edit_dns_server %s dns-server-nr=%d dns-server-name= using sprintf(). This command is later executed via a call to system(). This is done in a loop and there is no limit to how many dns entries will be parsed from the xml file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDwago/pfc200_firmware03.02.02\(14\)

▶CVEListV5wago/wago_pfc200_firmwareversion 03.02.02(14)

🔴Vulnerability Details

GHSA

GHSA-9mfc-vm32-v9f4: An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03↗2022-05-24

▶

CVEList

CVE-2019-5167: An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03↗2020-03-10

▶