Web Server
by Codesys
CVEs (12)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-6027 | Cri | 0.64 | 9.8 | 0.03 | May 19, 2017 | An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A… | ||
| CVE-2017-6025 | Cri | 0.64 | 9.8 | 0.02 | May 19, 2017 | A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious… | ||
| CVE-2024-8175 | Hig | 0.49 | 7.5 | 0.01 | Sep 25, 2024 | An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS. | ||
| CVE-2021-34585 | 0.00 | — | 0.01 | Oct 26, 2021 | In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation. | |||
| CVE-2021-34584 | 0.00 | — | 0.01 | Oct 26, 2021 | Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. | |||
| CVE-2021-30194 | 0.00 | — | 0.01 | May 25, 2021 | CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read. | |||
| CVE-2021-30192 | 0.00 | — | 0.01 | May 25, 2021 | CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check. | |||
| CVE-2021-30191 | 0.00 | — | 0.01 | May 25, 2021 | CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input. | |||
| CVE-2021-30190 | 0.00 | — | 0.01 | May 25, 2021 | CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. | |||
| CVE-2021-30189 | 0.00 | — | 0.01 | May 25, 2021 | CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow. | |||
| CVE-2019-13548 | 0.00 | — | 0.06 | Sep 13, 2019 | CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution. | |||
| CVE-2019-13532 | 0.00 | — | 0.03 | Sep 13, 2019 | CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller. |
- risk 0.64cvss 9.8epss 0.03
An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A…
- risk 0.64cvss 9.8epss 0.02
A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious…
- risk 0.49cvss 7.5epss 0.01
An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS.
- CVE-2021-34585Oct 26, 2021risk 0.00cvss —epss 0.01
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.
- CVE-2021-34584Oct 26, 2021risk 0.00cvss —epss 0.01
Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
- CVE-2021-30194May 25, 2021risk 0.00cvss —epss 0.01
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.
- CVE-2021-30192May 25, 2021risk 0.00cvss —epss 0.01
CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.
- CVE-2021-30191May 25, 2021risk 0.00cvss —epss 0.01
CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.
- CVE-2021-30190May 25, 2021risk 0.00cvss —epss 0.01
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.
- CVE-2021-30189May 25, 2021risk 0.00cvss —epss 0.01
CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.
- CVE-2019-13548Sep 13, 2019risk 0.00cvss —epss 0.06
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.
- CVE-2019-13532Sep 13, 2019risk 0.00cvss —epss 0.03
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.