Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
3ssoftware codesys 3.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-5008
Integer overflow in the GatewayService component in 3S CoDeSys 3.4 SP4 Patch 2 allows remote malicious users to execute arbitrary code via a large size value in the packet header, which triggers a heap-based buffer overflow.
3ssoftware Codesys 3.4
NA
CVE-2011-5009
The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote malicious users to cause a denial of service (NULL pointer dereference) via (1) a crafted Content-Length in an HTTP POST or (2) an invalid HTTP request method.
3ssoftware Codesys 3.4
2 EDB exploits
NA
CVE-2011-5058
The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote malicious users to create arbitrary directories under the web root by specifying a non-existent directory using \ (backslash) characters in an HTTP GET request.
3ssoftware Codesys 3.4
NA
CVE-2011-5007
Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and previous versions, as used on the ABB AC500 PLC and possibly other products, allows remote malicious users to execute arbitrary code via a long URI to TCP port 8080.
3ssoftware Codesys
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started