CVE-2018-12981

moderate-risk
Published 2018-07-12

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability can be exploited by authenticated and unauthenticated users by sending special crafted requests to the web server allowing injecting code within the WBM. The code will be rendered and/or executed in the browser of the user's browser.

Do I need to act?

~
2.2% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
45014
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.4/10 Medium
NETWORK / LOW complexity

Affected Products (4)

Affected Vendors

Wago

References (12)

Exploit http://seclists.org/fulldisclosure/2018/Jul/38
Third Party Advisory https://cert.vde.com/en-us/advisories/vde-2018-010
Third Party Advisory https://ics-cert.us-cert.gov/advisories/ICSA-18-198-02
Exploit https://www.exploit-db.com/exploits/45014/
Exploit https://www.sec-consult.com/en/blog/advisories/remote-code-execution-via-multipl...
Third Party Advisory https://www.wago.com/medias/SA-WBM-2018-004.pdf?context=bWFzdGVyfHJvb3R8MjgyNzYw...
Exploit http://seclists.org/fulldisclosure/2018/Jul/38
Third Party Advisory https://cert.vde.com/en-us/advisories/vde-2018-010
Third Party Advisory https://ics-cert.us-cert.gov/advisories/ICSA-18-198-02
Exploit https://www.exploit-db.com/exploits/45014/
Exploit https://www.sec-consult.com/en/blog/advisories/remote-code-execution-via-multipl...
Third Party Advisory https://www.wago.com/medias/SA-WBM-2018-004.pdf?context=bWFzdGVyfHJvb3R8MjgyNzYw...
43
/ 100
moderate-risk
Severity 21/34 · High
Exploitability 12/34 · Low
Exposure 10/34 · Low