Vulnerability CVE-2015-6472


Published: 2017-08-22   Modified: 2017-08-23

Description:
WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO 758-870 have weak credential management.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
WAGO IO PLC 758-870 / 750-849 Credential Management / Privilege Separation
Karn Ganeshen
04.03.2016

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
WAGO -> Wago i/o plc 758-870 firmware 
WAGO -> Wago i/o plc 750-881 firmware 
WAGO -> Wago i/o plc 750-849 firmware 

 References:
http://packetstormsecurity.com/files/136077/WAGO-IO-PLC-758-870-750-849-Credential-Management-Privilege-Separation.html
http://seclists.org/fulldisclosure/2016/Mar/4
http://www.securityfocus.com/bid/84138

Copyright 2024, cxsecurity.com

 

Back to Top