WAGO - Remote Code Execution CVE-2023-1698

CVSSv3 Score
Vulnerability description

WAGO PFC100, PFC200, CC100, Edge Controller, Touch Panel 600 Standard, Advanced and Marine Line with firmware version >= 16 and <= 23 are vulnerable to CVE-2023-1698, a Remote Code Execution vulnerability affecting the web admin component. The root cause is that user input is not sanitized before being passed to a shell_exec call. An unauthenticated remote attacker can send specially crafted JSON input to execute code remotely as the user the web admin application runs as.
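
The root cause described above, as an added illustration (not WAGO's code and not taken from the firmware): a JSON field reaching shell_exec unsanitized, beside a hardened handler. The function names, the "name" field and the use of /bin/echo as a stand-in command are assumptions, and the sample inputs are constructed.

```php
<?php
// Added illustration, not vendor code. Handler names, the JSON field "name"
// and /bin/echo (stand-in for the real helper binary) are hypothetical.

// Vulnerable pattern: the JSON value is concatenated into a command line, so
// /bin/sh interprets any shell metacharacters it contains. Never called below.
function handle_vulnerable(string $body)
{
    $req = json_decode($body, true);
    return shell_exec('/bin/echo --name ' . $req['name']);
}

// Hardened pattern: strict type check, allow-list validation, then execution
// with an argument array so no shell ever parses the value (PHP >= 7.4).
function handle_hardened(string $body): ?string
{
    $req  = json_decode($body, true);
    $name = is_array($req) ? ($req['name'] ?? null) : null;
    // First character must be alphanumeric, so the value cannot start with
    // "-" and be read as an option by the called program.
    if (!is_string($name)
        || preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]{0,63}\z/', $name) !== 1) {
        return null; // reject anything outside the allow-list
    }
    $proc = proc_open(
        ['/bin/echo', '--name', $name],
        [1 => ['pipe', 'w'], 2 => ['file', '/dev/null', 'w']],
        $pipes
    );
    if (!is_resource($proc)) {
        return null;
    }
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    proc_close($proc);
    return $out === false ? null : $out;
}

// Constructed sample request bodies: one valid value, three that must be rejected.
$samples = ['{"name":"libfoo-1.2"}', '{"name":"a;b"}', '{"name":"--help"}', '{"name":["x"]}'];
foreach ($samples as $body) {
    $out = handle_hardened($body);
    echo $body, ' => ', ($out === null ? 'rejected' : 'ran: ' . trim($out)), PHP_EOL;
}
```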

Risk description

An unauthenticated remote attacker could gain Remote Code Execution, resulting in a fully compromised server through which they could steal confidential information, install ransomware, or pivot to the internal network.

Exploit capabilities

Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.

Recommendation

Update the firmware of WAGO devices to the latest version.

Not available
Detectable with
Network Scanner
Scan engine
Exploitable with Sniper
CVE Published
May 15, 2023
Detection added at
Software Type
Web Admin platform
WAGO Web Admin application