Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-1698

Published: 15/05/2023 Updated: 26/05/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Wago

Vulnerability Summary

In multiple products of WAGO a vulnerability allows an unauthenticated, remote malicious user to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

wago compact_controller_100_firmware

wago edge_controller_firmware 22

wago pfc100_firmware

wago pfc200_firmware

wago touch_panel_600_advanced_firmware 22

wago touch_panel_600_marine_firmware 22

wago touch_panel_600_standard_firmware 22

Github Repositories

https://github.com/codeb0ss/CVE-2023-1698-PoC

Mass Exploit - CVE-2023-1698 < Unauthenticated Remote Command Execution

CVE-2023-1698-PoC Mass Exploit - CVE-2023-1698 &lt; Unauthenticated Remote Command Execution Community : tme/codeb0ss 1x =&gt; Start/Exploiter = Auto exploit then run with random commands which included 2x =&gt; 1x =&gt; Option 1x + Auto get passwd = Auto exploit but it runs cat etc/passwd which it gives you system user/pass,etc

https://github.com/Chocapikk/CVE-2023-1698

WAGO Remote Exploit Tool for CVE-2023-1698

CVE-2023-1698 WAGO Remote Exploit Tool Description This script is designed to exploit a severe Remote Code Execution (RCE) vulnerability present in multiple WAGO products Unauthenticated attackers can leverage this flaw to create new users, alter device configurations, and potentially take over the entire system This can lead to unintended behaviors, Denial of Service (DoS),

https://github.com/thedarknessdied/WAGO-CVE-2023-1698

WAGO系统远程代码执行漏洞(CVE-2023-1698)

WAGO-CVE-2023-1698 WAGO系统远程代码执行漏洞(CVE-2023-1698) Attention I have developed a tool for local testing and POC development, which is for technical learning reference only Please do not use it for illegal purposes Any direct or indirect consequences and losses caused by individuals or organizations using the information provided in this article are the respon

References

CWE-78https://cert.vde.com/en/advisories/VDE-2023-007/https://nvd.nist.govhttps://github.com/codeb0ss/CVE-2023-1698-PoC
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook