VYPR

CODESYS Gateway Server

by 3S Smart Software Solutions

CVEs (10)

  • CVE-2017-6027CriMay 19, 2017
    risk 0.64cvss 9.8epss 0.03

    An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A…

  • CVE-2017-6025CriMay 19, 2017
    risk 0.64cvss 9.8epss 0.02

    A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious…

  • CVE-2012-4705Feb 24, 2013
    risk 0.08cvss epss 0.66

    Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.

  • CVE-2012-4708Feb 24, 2013
    risk 0.01cvss epss 0.07

    Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.

  • CVE-2015-6484Oct 25, 2015
    risk 0.00cvss epss 0.02

    3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted (1) GET or (2) POST request.

  • CVE-2015-6460Sep 18, 2015
    risk 0.00cvss epss 0.06

    Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0.

  • CVE-2013-2781May 23, 2013
    risk 0.00cvss epss 0.04

    Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.

  • CVE-2012-4707Feb 24, 2013
    risk 0.00cvss epss 0.04

    3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access.

  • CVE-2012-4706Feb 24, 2013
    risk 0.00cvss epss 0.02

    Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow.

  • CVE-2012-4704Feb 24, 2013
    risk 0.00cvss epss 0.04

    Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.