Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
3ssoftware codesys vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2011-5007
Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and previous versions, as used on the ABB AC500 PLC and possibly other products, allows remote malicious users to execute arbitrary code via a long URI to TCP port 8080.
3ssoftware Codesys
2 EDB exploits
668
VMScore
CVE-2011-5008
Integer overflow in the GatewayService component in 3S CoDeSys 3.4 SP4 Patch 2 allows remote malicious users to execute arbitrary code via a large size value in the packet header, which triggers a heap-based buffer overflow.
3ssoftware Codesys 3.4
510
VMScore
CVE-2011-5009
The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote malicious users to cause a denial of service (NULL pointer dereference) via (1) a crafted Content-Length in an HTTP POST or (2) an invalid HTTP request method.
3ssoftware Codesys 3.4
2 EDB exploits
570
VMScore
CVE-2011-5058
The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote malicious users to create arbitrary directories under the web root by specifying a non-existent directory using \ (backslash) characters in an HTTP GET request.
3ssoftware Codesys 3.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started