CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6484
https://notcve.org/view.php?id=CVE-2015-6484
3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted (1) GET or (2) POST request. 3S-Smart CODESYS Gateway Server en versiones anteriores a 2.3.9.48 permite a atacantes remotos causar una denegación de servicio (referencia a puntero NULL y caída de demonio) a través de una petición manipulada (1) GET o (2) POST. • https://ics-cert.us-cert.gov/advisories/ICSA-15-293-03 •
CVSS: 7.5EPSS: 26%CPEs: 1EXPL: 0CVE-2015-6460 – CODESYS Gateway Server Opcode 0x3f0 Heap Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-6460
Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0. Múltiples desbordamientos de búfer basados en la pila en 3S-Smart CODESYS Gateway Server antes de la versión 2.3.9.34 permiten a los atacantes remotos ejecutar código arbitrario a través del opcode (1) 0x3ef o (2) 0x3f0 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CODESYS Gateway Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the 0x03f0 opcode. An attacker can send a large buffer of data to the server which causes a heap buffer overflow. An attacker can leverage this vulnerability to execute code under the context of the process. • http://zerodayinitiative.com/advisories/ZDI-15-441 http://zerodayinitiative.com/advisories/ZDI-15-442 https://ics-cert.us-cert.gov/advisories/ICSA-15-258-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •