Lucene search
K
CodesysV2 Web Server

6 matches found

CVE
CVE
•added 2021/05/25 12:9 p.m.•74 views

CVE-2021-30190

The CVE-2021-30190 entry covers CODESYS V2 Web-Server prior to version 1.1.9.20 with an Improper Access Control flaw. Public sources (ICSA-21-173-02, CNVD/NVD, 3rd-party advisories) describe that unauthorized remote requests can bypass authentication to read or write values on the PLC via the web...

9.8CVSS9.4AI score0.01402EPSS
CVE
CVE
•added 2021/05/25 12:9 p.m.•63 views

CVE-2021-30192

CVE-2021-30192 affects CODESYS V2 Web-Server prior to 1.1.9.20. The vulnerability is an Improperly Implemented Security Check (CWE-358) that enables bypass of security protections on the web server, with consequences including the potential to read/write values or upload boot‑related files withou...

9.8CVSS9.4AI score0.01151EPSS
CVE
CVE
•added 2021/05/25 12:9 p.m.•58 views

CVE-2021-30191

CVE-2021-30191 affects the CODESYS V2 Web-Server prior to 1.1.9.20. The root cause is a buffer copy without checking input size, causing a classic stack-based buffer overflow. Impact described in sources includes remote execution of code or denial of service by crashing the web server, with high-...

7.5CVSS8AI score0.01017EPSS
CVE
CVE
•added 2021/05/25 12:9 p.m.•53 views

CVE-2021-30189

The CVE-2021-30189 vulnerability affects CODESYS V2 Web-Server prior to version 1.1.9.20. It is described as a stack-based buffer overflow in the web server component, which in practice could allow an attacker to run arbitrary code or cause a denial-of-service by crashing the service. Public docu...

9.8CVSS9.4AI score0.0127EPSS
CVE
CVE
•added 2021/05/25 12:9 p.m.•52 views

CVE-2021-30193

CVE-2021-30193 affects CODESYS V2 Web-Server before 1.1.9.20. The vulnerability is an Out-of-bounds Write in the web server component, enabling crafted requests to write to arbitrary memory in the CODESYS Control runtime (potential remote code execution or crash). Affected products include CODESY...

9.8CVSS9.4AI score0.01151EPSS
CVE
CVE
•added 2021/05/25 12:9 p.m.•50 views

CVE-2021-30194

CVE-2021-30194 applies to CODESYS V2 Web-Server prior to 1.1.9.20, with an Out-of-bounds Read vulnerability in the web server component. Public sources in connected documents confirm affected product/version and impact (read arbitrary memory; potential crash). CODESYS has released version 1.1.9.2...

9.1CVSS9.3AI score0.01151EPSS