HomePentest-Tools.com Logo

WAGO - Remote Code Execution (CVE-2023-1698)

Severity
CVSSv3 Score
9.8
Vulnerability description

WAGO PFC100, PFC200, CC100, Edge Controller, Touch Panel 600 Standard, Advanced and Marine Line with firmware version >= 16 and <= 23 are vulnerable to CVE-2023-1698, a Remote Code Execution vulnerability, affecting the web admin component. The root cause of this vulnerability is the fact that user input is not sanitized before being used as input for a shell_exec call. This vulnerability allows an unauthenticated remote attacker to exploit this vulnerability by using a specially crafted JSON input to remotely execute code as the user the web admin application is running as.

Risk description

The risk exists that an unauthenticated remote attacker could gain Remote Code Execution access which will result in a fully compromised server through which they could steal confidential information, install ransomware, or pivot to the internal network.

Exploit capabilities

Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.

Recommendation

Update WAGO devices firmware to the latest version.

Codename
Not available
Detectable with
Network Scanner
Exploitable with Sniper
Yes
Vuln date
May 2023
Published at
Updated at
Software Type
Web Admin platform
Vendor
WAGO
Product
WAGO Web Admin application