← back
CVE-2019-5157

CVE-2019-5157

EPSS 4.2%
An exploitable command injection vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). An attacker can inject OS commands into the TimeoutUnconfirmed parameter value contained in the Firmware Update command.
Affected products
Wago · WAGO PFC200 Firmware

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0950