First published: Thu Jun 11 2020(Updated: )
An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality of WAGO PFC 200 03.03.10(15). A specially crafted series of HTTP requests can cause code execution resulting in remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
WAGO PFC200 Firmware | =03.03.10\(15\) | |
WAGO PFC200 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-6090 is critical with a CVSS score of 7.2.
The vulnerability CVE-2020-6090 allows code execution through a series of specially crafted HTTP requests.
WAGO PFC 200 firmware version 03.03.10(15) is affected by CVE-2020-6090.
No, WAGO PFC200 software is not vulnerable to CVE-2020-6090.
An attacker can exploit CVE-2020-6090 by making an authenticated HTTP request to trigger code execution.