CVE-2018-16059 Scanner

Endress+Hauser WirelessHART Fieldgate SWG70 is a device that is commonly used in industrial settings to communicate with other devices and systems through a wireless network. The purpose of this product is to provide a reliable and efficient communication channel between sensors and control systems. The Fieldgate SWG70 is a gateway between the wireless and wired networks and has the ability to store data, connect to the internet, and perform other functions related to wireless communication. 

CVE-2018-16059 is a vulnerability that has been identified in the Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices. This vulnerability is caused by a flaw in the fcgi-bin/wgsetcgi filename parameter, which allows attackers to perform directory traversal attacks. This means that the attacker can access files outside of the intended directory, which can lead to unauthorized access to sensitive data and other malicious activities.

When this vulnerability is exploited by an attacker, it can lead to serious consequences. The attacker can gain unauthorized access to sensitive data, including user credentials, configuration files, and other critical information. They can also upload malware, which can cause further damage to the system and other connected devices. Furthermore, the attacker can use the compromised device as a stepping stone to launch attacks on other devices and systems connected to the network.

As an advocate for cybersecurity awareness and protection, we highly recommend using the pro features of the securityforeveryone.com platform. By subscribing to this platform, you can easily and quickly learn about vulnerabilities in your digital assets and take appropriate actions to protect against them. The platform provides detailed reports on vulnerabilities, along with actionable steps to mitigate them. It also allows you to customize alerts and notifications based on your preferences, ensuring that you are always aware of potential threats to your digital assets.

REFERENCES

• http://www.securityfocus.com/bid/107416
• https://cert.vde.com/en-us/advisories/vde-2019-002
• https://ics-cert.us-cert.gov/advisories/ICSA-19-073-03
• https://www.exploit-db.com/exploits/45342/