Codesys: >> Remote Target Visu Toolkit Security Vulnerabilities
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.
CVSS Score
7.3
EPSS Score
0.006
Published
2021-05-03
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-07-22
CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.
CVSS Score
9.8
EPSS Score
0.007
Published
2020-03-26
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-11-20
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.
CVSS Score
7.5
EPSS Score
0.014
Published
2019-09-13
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.
CVSS Score
9.8
EPSS Score
0.015
Published
2019-09-13
Page 2