Stack Buffer Overflow Vulnerability in WAGO PFC 200 Firmware
CVE-2019-5181
7.8 HIGH
What is CVE-2019-5181?
A stack buffer overflow vulnerability is present in the iocheckd service of the WAGO PFC 200 Firmware version 03.02.02(14). It arises from how the service handles a specially crafted XML cache file: an attacker can exploit it by sending a malicious packet that triggers parsing of the cache file. If the subnetmask value specified in that file exceeds a certain length, a buffer on the stack overflows. This overflow condition, if manipulated, can result in unauthorized code execution, subsequently crashing the service and potentially compromising the device.
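The defensive pattern for this class of bug, as an added example that is not WAGO's code: treat the subnetmask read from the cache file as untrusted, bound its length before any copy, and accept it only if it parses as a contiguous IPv4 netmask. The function name `copy_subnetmask` and the 16-byte buffer size are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MASK_TEXT_MAX 16 /* assumed size: "255.255.255.255" plus NUL */

/* Hypothetical helper: validate an untrusted subnetmask string, then copy it
 * into a fixed-size buffer. Returns 0 on success, -1 if the value is rejected. */
int copy_subnetmask(char *dst, size_t dst_size, const char *untrusted)
{
    struct in_addr addr;
    uint32_t inverted;
    const char *end;

    if (dst == NULL || untrusted == NULL || dst_size < MASK_TEXT_MAX)
        return -1;

    /* Look for the terminator within the allowed length only; an overlong
     * value is rejected here, before anything is written to dst. */
    end = memchr(untrusted, '\0', MASK_TEXT_MAX);
    if (end == NULL || end == untrusted)
        return -1;

    /* The value must be a well-formed dotted-quad IPv4 address. */
    if (inet_pton(AF_INET, untrusted, &addr) != 1)
        return -1;

    /* A netmask is a run of 1 bits followed by a run of 0 bits, so its
     * complement must have the form 2^k - 1. */
    inverted = ~ntohl(addr.s_addr);
    if ((inverted & (inverted + 1)) != 0)
        return -1;

    memcpy(dst, untrusted, (size_t)(end - untrusted) + 1);
    return 0;
}

int main(void)
{
    /* Constructed sample inputs: valid, overlong, and non-contiguous. */
    const char *samples[] = { "255.255.255.0",
        "255.255.255.0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", "255.0.255.0" };
    char mask[MASK_TEXT_MAX];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-46s -> %s\n", samples[i],
               copy_subnetmask(mask, sizeof mask, samples[i]) ? "rejected" : "accepted");
    return 0;
}
```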
Affected Version(s)
WAGO PFC200 Firmware version 03.02.02(14)