A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19. A crafted request may cause a buffer overflow and could therefore execute arbitrary code on the web server or lead to a denial-of-service condition due to a crash in the web server.
Max CVSS
9.8
EPSS Score
0.40%
Published
2018-02-15
Updated
2020-09-18
Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted request.
Max CVSS
5.0
EPSS Score
0.31%
Published
2015-10-18
Updated
2015-10-20
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to (1) modify the configuration via a request to the debug service on port 4000 or (2) delete log entries via a request to the log service on port 4001.
Max CVSS
9.3
EPSS Score
0.51%
Published
2014-04-25
Updated
2014-04-25
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Max CVSS
9.3
EPSS Score
0.83%
Published
2014-04-25
Updated
2014-04-25
Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.31%
Published
2014-01-31
Updated
2014-02-21
Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
0.32%
Published
2013-05-23
Updated
2013-05-23
Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x allows remote attackers to read, overwrite, or create arbitrary files via a .. (dot dot) in a request to the TCP listener service.
Max CVSS
10.0
EPSS Score
1.35%
Published
2013-01-21
Updated
2015-10-08
The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to (1) execute commands via the command-line interface in the TCP listener service or (2) transfer files via requests to the TCP listener service.
Max CVSS
10.0
EPSS Score
0.47%
Published
2013-01-21
Updated
2014-05-05
Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.
Max CVSS
10.0
EPSS Score
5.37%
Published
2013-02-24
Updated
2013-05-21
3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access.
Max CVSS
10.0
EPSS Score
4.81%
Published
2013-02-24
Updated
2013-05-21
Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow.
Max CVSS
7.8
EPSS Score
0.24%
Published
2013-02-24
Updated
2013-05-21

CVE-2012-4705

Public exploit
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.
Max CVSS
10.0
EPSS Score
67.26%
Published
2013-02-24
Updated
2013-05-21
Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.
Max CVSS
10.0
EPSS Score
6.90%
Published
2013-02-24
Updated
2013-05-21
13 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!