Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
codesys web server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-31805
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.
Codesys Runtime Toolkit
Codesys Plcwinnt
Codesys Plchandler
Codesys Opc Server
Codesys Edge Gateway
Codesys Hmi Sl
Codesys Sp Realtime Nt
Codesys Web Server
Codesys Gateway
Codesys Development System
1 Github repository
7.5
CVSSv3
CVE-2021-34586
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.
Codesys Codesys
9.1
CVSSv3
CVE-2021-34584
Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
Codesys Codesys
7.5
CVSSv3
CVE-2021-34585
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.
Codesys Codesys
7.5
CVSSv3
CVE-2021-34583
Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
Codesys Codesys
7.5
CVSSv3
CVE-2021-36763
In CODESYS V3 web server prior to 3.5.17.10, files or directories are accessible to External Parties.
Codesys Control
Codesys Control Rte
Codesys Control Runtime System Toolkit
Codesys Control Win Sl
Codesys Embedded Target Visu Toolkit
Codesys Hmi
Codesys Remote Target Visu Toolkit
7.5
CVSSv3
CVE-2021-30191
CODESYS V2 Web-Server prior to 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.
Codesys V2 Web Server
9.8
CVSSv3
CVE-2021-30192
CODESYS V2 Web-Server prior to 1.1.9.20 has an Improperly Implemented Security Check.
Codesys V2 Web Server
9.8
CVSSv3
CVE-2021-30190
CODESYS V2 Web-Server prior to 1.1.9.20 has Improper Access Control.
Codesys V2 Web Server
9.8
CVSSv3
CVE-2021-30193
CODESYS V2 Web-Server prior to 1.1.9.20 has an Out-of-bounds Write.
Codesys V2 Web Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »