V2 runtime system SP
by Codesys
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-6068 | Cri | 0.64 | 9.8 | 0.05 | Jan 21, 2013 | The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to execute commands via the command-line interface in the TCP listener service or transfer files via requests to the TCP listener service. | ||
| CVE-2021-30195 | 0.00 | — | 0.07 | May 25, 2021 | CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. | |||
| CVE-2021-30188 | 0.00 | — | 0.01 | May 25, 2021 | CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow. | |||
| CVE-2021-30187 | 0.00 | — | 0.00 | May 25, 2021 | CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command. |
- risk 0.64cvss 9.8epss 0.05
The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to execute commands via the command-line interface in the TCP listener service or transfer files via requests to the TCP listener service.
- CVE-2021-30195May 25, 2021risk 0.00cvss —epss 0.07
CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.
- CVE-2021-30188May 25, 2021risk 0.00cvss —epss 0.01
CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.
- CVE-2021-30187May 25, 2021risk 0.00cvss —epss 0.00
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.