← back
CVE-2019-5156

CVE-2019-5156

EPSS 4.2%
An exploitable command injection vulnerability exists in the cloud connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). An attacker can inject operating system commands into the TimeoutPrepared parameter value contained in the firmware update command.
Affected products
Wago · WAGO PFC200 Firmware

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0949