Vulnerabilities
Vulnerable Software
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet.
CVSS Score
4.9
EPSS Score
0.002
Published
2023-06-26
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.
CVSS Score
4.9
EPSS Score
0.001
Published
2023-06-26
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-11-09
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-11-09
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service and an limited out-of-bounds read.
CVSS Score
8.2
EPSS Score
0.01
Published
2022-11-09
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS.
CVSS Score
9.1
EPSS Score
0.003
Published
2022-11-09
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing the PLC.
CVSS Score
7.5
EPSS Score
0.016
Published
2021-10-26
A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.
CVSS Score
8.1
EPSS Score
0.005
Published
2021-10-26
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-10-26
Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
CVSS Score
7.5
EPSS Score
0.038
Published
2021-10-26


Contact Us

Shodan ® - All rights reserved