Threat Encyclopedia

PepperlFuchs.Web.Interface.Authenticated.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit a Command Injection Vulnerability in Pepperl+Fuchs P+F Comtrol RocketLinx devices.
The vulnerability is due to the lack of Cross-Site Request Forgery protection. A remote attacker can exploit this vulnerability by luring the victim to click on a malicious link. Successful exploitation could lead to the execution of arbitrary commands in the context of a root user.

affected-products-logoAffected Products

Pepperl+Fuchs Comtrol RocketLinx ES7510-XT
Pepperl+Fuchs Comtrol RocketLinx ES8509-XT
Pepperl+Fuchs Comtrol RocketLinx ES8510-XT
Pepperl+Fuchs Comtrol RocketLinx ES9528-XTv2
Pepperl+Fuchs Comtrol RocketLinx ES7506
Pepperl+Fuchs Comtrol RocketLinx ES7510
Pepperl+Fuchs Comtrol RocketLinx ES7528
Pepperl+Fuchs Comtrol RocketLinx ES8508
Pepperl+Fuchs Comtrol RocketLinx ES8508F
Pepperl+Fuchs Comtrol RocketLinx ES8510
Pepperl+Fuchs Comtrol RocketLinx ES8510-XTE
Pepperl+Fuchs Comtrol RocketLinx ES9528/ES9528-XT (all versions)
Pepperl+Fuchs ICRL-M-8RJ45/4SFP-G-DIN
Pepperl+Fuchs ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Disable TFTP-Service if not needed.
Apply the latest update from the vendor.
https://downloads.comtrol.com/

CVE References

CVE-2020-12503

Telemetry logoTelemetry