CVE-2021-34567

In WAGOI/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.2 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CERTVDECNA
8.2 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
wago750-8100_firmware
𝑥
< 18
wago750-8101_firmware
𝑥
< 18
wago750-8101\/025-000_firmware
𝑥
< 18
wago750-8102_firmware
𝑥
< 18
wago750-8102\/025-000_firmware
𝑥
< 18
wago750-8202_firmware
𝑥
< 18
wago750-8202\/000-011_firmware
𝑥
< 18
wago750-8202\/000-012_firmware
𝑥
< 18
wago750-8202\/000-022_firmware
𝑥
< 18
wago750-8202\/025-000_firmware
𝑥
< 18
wago750-8202\/025-001_firmware
𝑥
< 18
wago750-8202\/025-002_firmware
𝑥
< 18
wago750-8202\/040-000_firmware
𝑥
< 18
wago750-8202\/040-001_firmware
𝑥
< 18
wago752-8303\/8000-002_firmware
𝑥
< 18
wago762-4101_firmware
𝑥
< 18
wago762-4102_firmware
𝑥
< 18
wago762-4103_firmware
𝑥
< 18
wago762-4104_firmware
𝑥
< 18
wago762-4201\/8000-001_firmware
𝑥
< 18
wago762-4202\/8000-001_firmware
𝑥
< 18
wago762-4203\/8000-001_firmware
𝑥
< 18
wago762-4204\/8000-001_firmware
𝑥
< 18
wago762-4205\/8000-001_firmware
𝑥
< 18
wago762-4205\/8000-002_firmware
𝑥
< 18
wago762-4206\/8000-001_firmware
𝑥
< 18
wago762-4206\/8000-002_firmware
𝑥
< 18
wago762-4301\/8000-002_firmware
𝑥
< 18
wago762-4302\/8000-002_firmware
𝑥
< 18
wago762-4303\/8000-002_firmware
𝑥
< 18
wago762-4304\/8000-002_firmware
𝑥
< 18
wago762-4305\/8000-002_firmware
𝑥
< 18
wago762-4306\/8000-002_firmware
𝑥
< 18
wago762-5203\/8000-001_firmware
𝑥
< 18
wago762-5204\/8000-001_firmware
𝑥
< 18
wago762-5205\/8000-001_firmware
𝑥
< 18
wago762-5206\/8000-001_firmware
𝑥
< 18
wago762-5303\/8000-002_firmware
𝑥
< 18
wago762-5304\/8000-002_firmware
𝑥
< 18
wago762-5305\/8000-002_firmware
𝑥
< 18
wago762-5306\/8000-002_firmware
𝑥
< 18
wago762-6201\/8000-001_firmware
𝑥
< 18
wago762-6202\/8000-001_firmware
𝑥
< 18
wago762-6203\/8000-001_firmware
𝑥
< 18
wago762-6204\/8000-001_firmware
𝑥
< 18
wago762-6301\/8000-002_firmware
𝑥
< 18
wago762-6302\/8000-002_firmware
𝑥
< 18
wago762-6303\/8000-002_firmware
𝑥
< 18
wago762-6304\/8000-002_firmware
𝑥
< 18
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert.vde.com/en/advisories/VDE-2020-036/
https://cert.vde.com/en/advisories/VDE-2020-036/