N/A

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/edit_dns_server %s dns-server-nr=%d dns-server-name=<contents of dns node> using sprintf(). This command is later executed via a call to system(). This is done in a loop and there is no limit to how many dns entries will be parsed from the xml file.

N/A

N/A

WAGO PFC 200 操作系统命令注入漏洞

WAGO PFC 200是德国WAGO公司的一款可编程逻辑控制器（PLC）。 WAGO PFC 200 03.02.02(14)版本中的iocheckd服务的I/O-Check功能存在操作系统命令注入漏洞。本地攻击者可通过发送特制的数据包利用该漏洞执行任意操作系统命令。

N/A

N/A