Unauthenticated Remote Code Execution and Denial of Service Vulnerability in WAGO I/O-Check Service

Unauthenticated Remote Code Execution and Denial of Service Vulnerability in WAGO I/O-Check Service

CVE-2021-34566 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.

Learn more about our Web Application Penetration Testing UK.