Vulnerability CVE-2018-12980

Vulnerability CVE-2018-12980

Published: 2018-07-12

Description:

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server.

See advisories in our WLB2 database:

	Topic	Author	Date
High	WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution	T. Weber	12.07.2018

Type:

CWE-434

(Unrestricted Upload of File with Dangerous Type)

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.5/10	6.4/10	8/10

Exploit range	Attack complexity	Authentication
Remote	Low	Single time
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

References:

http://seclists.org/fulldisclosure/2018/Jul/38

https://cert.vde.com/en-us/advisories/vde-2018-010

https://ics-cert.us-cert.gov/advisories/ICSA-18-198-02

https://www.exploit-db.com/exploits/45014/

https://www.sec-consult.com/en/blog/advisories/remote-code-execution-via-multiple-attack-vectors-in-wago-edisplay/

https://www.wago.com/medias/SA-WBM-2018-004.pdf?context=bWFzdGVyfHJvb3R8MjgyNzYwfGFwcGxpY2F0aW9uL3BkZnxoMWUvaDg4LzkzNjE3NTIxOTUxMDIucGRmfDU1NmJkYjEzNDY0ZGU4OWQ1OTMyMjUwNTlmZTI0MzgwNDQ1MDY1YzU3OWRmZDk1NzYzODAwMDI3ODg1NDJlZjU

Vulnerability CVE-2018-12980

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server.

See advisories in our WLB2 database:

High

WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution

CWE-434

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

6.5/10

6.4/10

8/10

Remote

Low

Single time

Partial

Partial

Partial

References: