Unauthenticated Remote Code Execution and Denial of Service Vulnerability in WAGO I/O-Check Service

Unauthenticated Remote Code Execution and Denial of Service Vulnerability in WAGO I/O-Check Service

CVE-2021-34567 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.

Learn more about our Web Application Penetration Testing UK.