Vulnerability Details CVE-2019-13532
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-13532
-
cpe:2.3:a:codesys:control_for_beaglebone:-
-
cpe:2.3:a:codesys:control_for_beaglebone:3.0.0.0
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.10.0
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.10.20
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.10.30
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.0
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.10
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.20
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.50
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.60
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.12.0
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.12.10
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.12.30
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.12.70
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.13.0
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.13.20
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.13.30
-
cpe:2.3:a:codesys:control_for_beaglebone:3.5.14.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:-
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.0.0.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.10.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.10.20
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.10
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.20
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.50
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.60
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.12.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.12.10
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.12.30
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.12.70
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.13.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.13.20
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.13.30
-
cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.14.0
-
cpe:2.3:a:codesys:control_for_iot2000:-
-
cpe:2.3:a:codesys:control_for_iot2000:3.0.0.0
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.11.0
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.11.10
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.11.20
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.11.50
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.11.60
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.12.0
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.12.10
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.12.30
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.12.70
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.13.0
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.13.20
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.13.30
-
cpe:2.3:a:codesys:control_for_iot2000:3.5.14.0
-
cpe:2.3:a:codesys:control_for_linux:-
-
cpe:2.3:a:codesys:control_for_linux:3.5.13.0
-
cpe:2.3:a:codesys:control_for_linux:3.5.13.20
-
cpe:2.3:a:codesys:control_for_linux:3.5.13.30
-
cpe:2.3:a:codesys:control_for_linux:3.5.14.0
-
cpe:2.3:a:codesys:control_for_pfc100:-
-
cpe:2.3:a:codesys:control_for_pfc100:3.0.0.0
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.11.0
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.11.10
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.11.20
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.11.50
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.11.60
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.12.0
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.12.10
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.12.30
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.12.40
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.12.70
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.13.0
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.13.20
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.13.30
-
cpe:2.3:a:codesys:control_for_pfc100:3.5.14.0
-
cpe:2.3:a:codesys:control_for_pfc200:-
-
cpe:2.3:a:codesys:control_for_pfc200:3.0.0.0
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.10.0
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.10.20
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.11.0
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.11.10
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.11.20
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.11.50
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.11.60
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.12.0
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.12.10
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.12.30
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.12.40
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.12.70
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.13.0
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.13.10
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.13.20
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.13.30
-
cpe:2.3:a:codesys:control_for_pfc200:3.5.14.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi:-
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.0.0.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.10.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.10.20
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.10
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.20
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.50
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.60
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.12.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.12.10
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.12.30
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.12.70
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.13.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.13.20
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.13.30
-
cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.14.0
-
cpe:2.3:a:codesys:control_rte:3.5.10.0
-
cpe:2.3:a:codesys:control_rte:3.5.10.10
-
cpe:2.3:a:codesys:control_rte:3.5.10.20
-
cpe:2.3:a:codesys:control_rte:3.5.10.40
-
cpe:2.3:a:codesys:control_rte:3.5.10.50
-
cpe:2.3:a:codesys:control_rte:3.5.10.60
-
cpe:2.3:a:codesys:control_rte:3.5.10.95
-
cpe:2.3:a:codesys:control_rte:3.5.11.0
-
cpe:2.3:a:codesys:control_rte:3.5.11.10
-
cpe:2.3:a:codesys:control_rte:3.5.11.20
-
cpe:2.3:a:codesys:control_rte:3.5.11.30
-
cpe:2.3:a:codesys:control_rte:3.5.11.40
-
cpe:2.3:a:codesys:control_rte:3.5.11.42
-
cpe:2.3:a:codesys:control_rte:3.5.11.50
-
cpe:2.3:a:codesys:control_rte:3.5.11.60
-
cpe:2.3:a:codesys:control_rte:3.5.12.0
-
cpe:2.3:a:codesys:control_rte:3.5.12.1
-
cpe:2.3:a:codesys:control_rte:3.5.12.10
-
cpe:2.3:a:codesys:control_rte:3.5.12.20
-
cpe:2.3:a:codesys:control_rte:3.5.12.30
-
cpe:2.3:a:codesys:control_rte:3.5.12.40
-
cpe:2.3:a:codesys:control_rte:3.5.12.50
-
cpe:2.3:a:codesys:control_rte:3.5.12.60
-
cpe:2.3:a:codesys:control_rte:3.5.12.70
-
cpe:2.3:a:codesys:control_rte:3.5.13.0
-
cpe:2.3:a:codesys:control_rte:3.5.13.10
-
cpe:2.3:a:codesys:control_rte:3.5.13.20
-
cpe:2.3:a:codesys:control_rte:3.5.13.30
-
cpe:2.3:a:codesys:control_rte:3.5.13.40
-
cpe:2.3:a:codesys:control_rte:3.5.14.0
-
cpe:2.3:a:codesys:control_rte:3.5.8.60
-
cpe:2.3:a:codesys:control_rte:3.5.9.40
-
cpe:2.3:a:codesys:control_rte:3.5.9.50
-
cpe:2.3:a:codesys:control_rte:3.5.9.60
-
cpe:2.3:a:codesys:control_rte:3.5.9.70
-
cpe:2.3:a:codesys:control_runtime_system_toolkit:3.0
-
cpe:2.3:a:codesys:control_win:*
-
cpe:2.3:a:codesys:control_win:3.5.12.30
-
cpe:2.3:a:codesys:control_win:3.5.12.80
-
cpe:2.3:a:codesys:control_win:3.5.9.80
-
cpe:2.3:a:codesys:embedded_target_visu_toolkit:3.0
-
cpe:2.3:a:codesys:embedded_target_visu_toolkit:3.5.12.30
-
cpe:2.3:a:codesys:hmi:3.5.10.0
-
cpe:2.3:a:codesys:hmi:3.5.10.10
-
cpe:2.3:a:codesys:hmi:3.5.10.20
-
cpe:2.3:a:codesys:hmi:3.5.10.30
-
cpe:2.3:a:codesys:hmi:3.5.10.30.
-
cpe:2.3:a:codesys:hmi:3.5.10.40
-
cpe:2.3:a:codesys:hmi:3.5.10.50
-
cpe:2.3:a:codesys:hmi:3.5.10.60
-
cpe:2.3:a:codesys:hmi:3.5.10.70
-
cpe:2.3:a:codesys:hmi:3.5.11.0
-
cpe:2.3:a:codesys:hmi:3.5.11.10
-
cpe:2.3:a:codesys:hmi:3.5.11.20
-
cpe:2.3:a:codesys:hmi:3.5.11.30
-
cpe:2.3:a:codesys:hmi:3.5.11.40
-
cpe:2.3:a:codesys:hmi:3.5.11.50
-
cpe:2.3:a:codesys:hmi:3.5.11.60
-
cpe:2.3:a:codesys:hmi:3.5.12.0
-
cpe:2.3:a:codesys:hmi:3.5.12.10
-
cpe:2.3:a:codesys:hmi:3.5.12.20
-
cpe:2.3:a:codesys:hmi:3.5.12.30
-
cpe:2.3:a:codesys:hmi:3.5.12.40
-
cpe:2.3:a:codesys:hmi:3.5.12.50
-
cpe:2.3:a:codesys:hmi:3.5.12.70
-
cpe:2.3:a:codesys:hmi:3.5.13.0
-
cpe:2.3:a:codesys:hmi:3.5.13.10
-
cpe:2.3:a:codesys:hmi:3.5.13.20
-
cpe:2.3:a:codesys:hmi:3.5.13.30
-
cpe:2.3:a:codesys:hmi:3.5.13.40
-
cpe:2.3:a:codesys:hmi:3.5.14.0
-
cpe:2.3:a:codesys:remote_target_visu_toolkit:3.0
-
cpe:2.3:a:codesys:remote_target_visu_toolkit:3.5.12.30