CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30190
https://notcve.org/view.php?id=CVE-2021-30190
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. CODESYS V2 Web-Server versiones anteriores a 1.1.9.20, presenta un Control de Acceso Inapropiado • https://customers.codesys.com/index.php https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14726&token=553da5d11234bbe1ceed59969d419a71bb8c8747&download= • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30189
https://notcve.org/view.php?id=CVE-2021-30189
CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow. CODESYS V2 Web-Server versiones anteriores a 1.1.9.20, presenta un Desbordamiento del Búfer en la región Stack de la memoria • https://customers.codesys.com/index.php https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14726&token=553da5d11234bbe1ceed59969d419a71bb8c8747&download= • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6027
https://notcve.org/view.php?id=CVE-2017-6027
An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution. Se detectó un problema de carga arbitraria de archivos en el Servidor Web de 3S-Smart Software Solutions GmbH CODESYS. Las siguientes versiones del Servidor Web de CODESYS, parte del programa de visualización del navegador web WebVisu de CODESYS, están afectadas: el Servidor Web de CODESYS versiones 2.3 y anteriores. • http://www.securityfocus.com/bid/97174 https://ics-cert.us-cert.gov/advisories/ICSA-17-087-02 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6025
https://notcve.org/view.php?id=CVE-2017-6025
A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overflow the stack buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code. Se detectó un problema de desbordamiento del búfer de pila en el Servidor Web de 3S-Smart Software Solutions GmbH CODESYS. • http://www.securityfocus.com/bid/97174 https://ics-cert.us-cert.gov/advisories/ICSA-17-087-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •