Lucene search

[email protected]CVE-2018-12979

HistoryJul 12, 2018 - 6:29 p.m.

CVE-2018-12979

2018-07-1218:29:00

CWE-732

[email protected]

web.nvd.nist.gov

wago

e!display

firmware

security issue

nvd

file upload

permissions

cve-2018-12979

5.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

7.3 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.9%

JSON

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. Weak permissions allow an authenticated user to overwrite critical files by abusing the unrestricted file upload in the WBM.

Affected configurations

NVD

Node

wago762-3000Match-

AND

wago762-3000_firmwareRange<02

Node

wago762-3001Match-

AND

wago762-3001_firmwareRange<02

Node

wago762-3002Match-

AND

wago762-3002_firmwareRange<02

Node

wago762-3003Match-

AND

wago762-3003_firmwareRange<02

CPENameOperatorVersion
wago:762-3000_firmwarewago 762-3000 firmwarelt02

CPE	Name	Operator	Version
wago:762-3000_firmware	wago 762-3000 firmware	lt	02

References

seclists.org/fulldisclosure/2018/Jul/38

cert.vde.com/en-us/advisories/vde-2018-010

ics-cert.us-cert.gov/advisories/ICSA-18-198-02

www.exploit-db.com/exploits/45014/

www.sec-consult.com/en/blog/advisories/remote-code-execution-via-multiple-attack-vectors-in-wago-edisplay/

www.wago.com/medias/SA-WBM-2018-004.pdf?context=bWFzdGVyfHJvb3R8MjgyNzYwfGFwcGxpY2F0aW9uL3BkZnxoMWUvaDg4LzkzNjE3NTIxOTUxMDIucGRmfDU1NmJkYjEzNDY0ZGU4OWQ1OTMyMjUwNTlmZTI0MzgwNDQ1MDY1YzU3OWRmZDk1NzYzODAwMDI3ODg1NDJlZjU