WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the WAGO 750-8212 PFC200 G2 2ETH RS firmware version 03.05.10(17). It allows attackers to manipulate user session cookies, specifically the 'name' and 'roles' parameters, to escalate from a regular user to administrative privileges, without the need for authentication.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling a user to gain administrative rights on the device.

Reproduction

To reproduce this vulnerability, send a request to the device's web management interface (WBM) with a cookie that includes the 'user' parameter set to a regular user's name and roles. Once the session is established, the 'name' and 'roles' parameters can be modified to reflect those of an admin user, effectively elevating privileges.
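
The flaw described above comes down to the server trusting 'name' and 'roles' values that the client can edit. The following added example (not WAGO's code and not part of the original advisory; the cookie layout, secret handling and function names are assumptions) contrasts that pattern with a cookie whose fields are bound by an HMAC tag, so edited values are rejected.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Assumed per-device secret that never leaves the server.
SECRET = secrets.token_bytes(32)


def _encode(name, roles):
    body = json.dumps({"name": name, "roles": sorted(roles)})
    return base64.urlsafe_b64encode(body.encode()).decode()


def issue_cookie(name, roles):
    """Server side: bind name and roles to an HMAC-SHA256 tag."""
    payload = _encode(name, roles)
    tag = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{tag}"


def client_edited(cookie, name, roles):
    """Constructed test input: same tag, fields changed on the client."""
    return f"{_encode(name, roles)}.{cookie.rsplit('.', 1)[1]}"


def trusting_roles(cookie):
    """Weak pattern: believes whatever fields the client sent."""
    payload = cookie.split(".", 1)[0]
    return json.loads(base64.urlsafe_b64decode(payload))["roles"]


def verified_roles(cookie):
    """Hardened pattern: roles are returned only if the tag matches."""
    payload, sep, tag = cookie.rpartition(".")
    if not sep:
        return None
    good = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(good.encode(), tag.encode()):
        return None
    try:
        return json.loads(base64.urlsafe_b64decode(payload))["roles"]
    except (ValueError, KeyError, TypeError):
        return None


if __name__ == "__main__":
    original = issue_cookie("user", ["user"])
    edited = client_edited(original, "admin", ["admin"])
    print(trusting_roles(edited), verified_roles(edited), verified_roles(original))
```

Keeping roles in a server-side session table keyed by an opaque random ID achieves the same property without putting role data in the cookie at all.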

Added: Jan 14, 2026, 12:08 AM
Updated: Jan 14, 2026, 12:08 AM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 7.5
exploitability: 6.2
remediation: 0.0
relevance: 2.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.