Lucene search

K
cvelistIcscertCVELIST:CVE-2017-6027
HistoryMay 19, 2017 - 2:43 a.m.

CVE-2017-6027

2017-05-1902:43:00
CWE-434
icscert
www.cve.org

9.7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.5%

An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution.

CNA Affected

[
  {
    "product": "3S-Smart Software Solutions GmbH CODESYS Web Server",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "3S-Smart Software Solutions GmbH CODESYS Web Server"
      }
    ]
  }
]

9.7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.5%

Related for CVELIST:CVE-2017-6027