Headline
CVE-2023-4149: VDE-2023-037 | CERT@VDE
A vulnerability in the web-based management allows an unauthenticated remote attacker to inject arbitrary system commands and gain full system control. Those commands are executed with root privileges. The vulnerability is located in the user request handling of the web-based management.
2023-11-21 08:00 (CET) VDE-2023-037
WAGO: Remote Code execution vulnerability in managed Switches
Share: Email | Twitter
Published
2023-11-21 08:00 (CET)
Last update
2023-11-10 07:53 (CET)
Vendor(s)
WAGO GmbH & Co. KG
Product(s)
Article No°
Product Name
Affected Version(s)
0852-0602
Industrial Managed Switch
< 1.0.6.S0
0852-0603
Industrial Managed Switch
< 1.0.6.S0
0852-1605
Industrial Managed Switch
< 1.2.5.S0
Summary
Affected products are vulnerable to remote code execution via command injection in the web-based management by an attacker.
CVE ID
Last Update:
Sept. 22, 2023, 3:29 p.m.
Severity
Weakness
Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) (CWE-78)
Summary
A vulnerability in the web-based management allows an unauthenticated remote attacker to inject arbitrary system commands and gain full system control. Those commands are executed with root privileges. The vulnerability is located in the user request handling of the web-based management.
Details
Impact
An unprivileged attacker can fully compromise the system and access all files.
Solution
Mitigation
- Restrict network access to the device.
- Do not directly connect the device to the internet.
Remediation
WAGO recommends all affected users of products 0852-0602, 0852-0603 to update to firmware version 1.0.6.S0 and all affected users of 852-1605 to update to firmware version 1.2.5.S0.
Reported by
The vulnerability was reported by INTILION AG and GAI NetConsult.
Coordination done by CERT@VDE.