CVE-2018-12980 : An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerabilit

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability allows an authenticated user to upload arbitrary files to the file system with the permissions of the web server.

Published 2018-07-12 18:29:00

Updated 2021-05-20 20:09:57

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2018-12980

Probability of exploitation activity in the next 30 days: 1.63%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 86 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2018-12980

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P	8.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2018-12980

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-12980

https://www.sec-consult.com/en/blog/advisories/remote-code-execution-via-multiple-attack-vectors-in-wago-edisplay/

Remote code execution via multiple attack vectors in WAGO e!DISPLAY 7300T – SEC Consult
Exploit;Third Party Advisory

CVEs referencing this url
https://www.exploit-db.com/exploits/45014/

WAGO e!DISPLAY 7300T - Multiple Vulnerabilities
Exploit;Third Party Advisory;VDB Entry

CVEs referencing this url
https://www.wago.com/medias/SA-WBM-2018-004.pdf?context=bWFzdGVyfHJvb3R8MjgyNzYwfGFwcGxpY2F0aW9uL3BkZnxoMWUvaDg4LzkzNjE3NTIxOTUxMDIucGRmfDU1NmJkYjEzNDY0ZGU4OWQ1OTMyMjUwNTlmZTI0MzgwNDQ1MDY1YzU3OWRmZDk1NzYzODAwMDI3ODg1NDJlZjU

Third Party Advisory

CVEs referencing this url
http://seclists.org/fulldisclosure/2018/Jul/38

Full Disclosure: SEC Consult SA-20180711-0 :: Remote code execution via multiple attack vectors in WAGO e!DISPLAY 7300T
Exploit;Mailing List;Third Party Advisory

CVEs referencing this url
https://ics-cert.us-cert.gov/advisories/ICSA-18-198-02

WAGO e!DISPLAY Web-Based-Management | CISA
Third Party Advisory;US Government Resource

CVEs referencing this url
https://cert.vde.com/en-us/advisories/vde-2018-010

WAGO Multiple vulnerabilities in e!DISPLAY products — English (USA)
Third Party Advisory

CVEs referencing this url

Products affected by CVE-2018-12980

Wago » 762-3000 Firmware
Versions before (<) 02
cpe:2.3:o:wago:762-3000_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Wago » 762-3000 » Version: N/A
Wago » 762-3001 Firmware
Versions before (<) 02
cpe:2.3:o:wago:762-3001_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Wago » 762-3001 » Version: N/A
Wago » 762-3002 Firmware
Versions before (<) 02
cpe:2.3:o:wago:762-3002_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Wago » 762-3002 » Version: N/A
Wago » 762-3003 Firmware
Versions before (<) 02
cpe:2.3:o:wago:762-3003_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Wago » 762-3003 » Version: N/A

Vulnerability Details : CVE-2018-12980

Exploit prediction scoring system (EPSS) score for CVE-2018-12980

CVSS scores for CVE-2018-12980

CWE ids for CVE-2018-12980

References for CVE-2018-12980

Products affected by CVE-2018-12980