Unauthenticated Remote Code Execution and Denial of Service Vulnerability in WAGO I/O-Check Service
CVE-2021-34566 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.
Learn more about our Web Application Penetration Testing UK.