Information Disclosure is possible on WAGO Series PFC100 and PFC200 devices before FW12 due to improper access control. A remote attacker can check for the existence of paths and file names via crafted HTTP requests.
References
Link | Resource |
---|---|
https://cert.vde.com/de-de/advisories/vde-2019-017 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-19T00:02:03
Updated: 2019-10-19T00:02:03
Reserved: 2019-10-18T00:00:00
Link: CVE-2019-18202
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-10-19T01:15:10.467
Modified: 2023-03-13T18:13:07.650
Link: CVE-2019-18202
JSON object: View
Redhat Information
No data.
CWE