Vulnerability Description
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wago | 750-8100 Firmware | < 18 |
| Wago | 750-8100 | - |
| Wago | 750-8101 Firmware | < 18 |
| Wago | 750-8101 | - |
| Wago | 750-8101\/025-000 Firmware | < 18 |
| Wago | 750-8101\/025-000 | - |
| Wago | 750-8102 Firmware | < 18 |
| Wago | 750-8102 | - |
| Wago | 750-8102\/025-000 Firmware | < 18 |
| Wago | 750-8102\/025-000 | - |
| Wago | 750-8202 Firmware | < 18 |
| Wago | 750-8202 | - |
| Wago | 750-8202\/000-011 Firmware | < 18 |
| Wago | 750-8202\/000-011 | - |
| Wago | 750-8202\/000-012 Firmware | < 18 |
| Wago | 750-8202\/000-012 | - |
| Wago | 750-8202\/000-022 Firmware | < 18 |
| Wago | 750-8202\/000-022 | - |
| Wago | 750-8202\/025-000 Firmware | < 18 |
| Wago | 750-8202\/025-000 | - |
Related Weaknesses (CWE)
References
- https://cert.vde.com/en/advisories/VDE-2020-036/Vendor Advisory
- https://cert.vde.com/en/advisories/VDE-2020-036/Vendor Advisory
FAQ
What is CVE-2021-34567?
CVE-2021-34567 is a vulnerability with a CVSS score of 8.2 (HIGH). In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds...
How severe is CVE-2021-34567?
CVE-2021-34567 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-34567?
Check the references section above for vendor advisories and patch information. Affected products include: Wago 750-8100 Firmware, Wago 750-8100, Wago 750-8101 Firmware, Wago 750-8101, Wago 750-8101\/025-000 Firmware.