WAGO - Remote Code Execution (CVE-2023-1698)
- Severity
- CVSSv3 Score
- 9.8
- Vulnerability description
WAGO PFC100, PFC200, CC100, Edge Controller, Touch Panel 600 Standard, Advanced and Marine Line with firmware version >= 16 and <= 23 are vulnerable to CVE-2023-1698, a Remote Code Execution vulnerability, affecting the web admin component. The root cause of this vulnerability is the fact that user input is not sanitized before being used as input for a
shell_exec
call. This vulnerability allows an unauthenticated remote attacker to exploit this vulnerability by using a specially crafted JSON input to remotely execute code as the user the web admin application is running as.- Risk description
The risk exists that an unauthenticated remote attacker could gain Remote Code Execution access which will result in a fully compromised server through which they could steal confidential information, install ransomware, or pivot to the internal network.
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
Update WAGO devices firmware to the latest version.
- Codename
- Not available
- Detectable with
- Network Scanner
- Exploitable with Sniper
- Yes
- Vuln date
- May 2023
- Published at
- Updated at
- Software Type
- Web Admin platform
- Vendor
- WAGO
- Product
- WAGO Web Admin application