WAGO - Remote Code Execution CVE-2023-1698
- CVSSv3 Score
- Vulnerability description
WAGO PFC100, PFC200, CC100, Edge Controller, Touch Panel 600 Standard, Advanced and Marine Line with firmware version >= 16 and <= 23 are vulnerable to CVE-2023-1698, a Remote Code Execution vulnerability, affecting the web admin component. The root cause of this vulnerability is the fact that user input is not sanitized before being used as input for a
shell_execcall. This vulnerability allows an unauthenticated remote attacker to exploit this vulnerability by using a specially crafted JSON input to remotely execute code as the user the web admin application is running as.
- Risk description
The risk exists that an unauthenticated remote attacker could gain Remote Code Execution access which will result in a fully compromised server through which they could steal confidential information, install ransomware, or pivot to the internal network.
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
Update WAGO devices firmware to the latest version.
- Not available