Search Results | AttackerKB

Show filters

Topics 34 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

34 Total Results

Displaying 21-30 of 34

Attacker Value

Unknown

CVE-2014-0769

Disclosure Date: April 25, 2014 (last updated October 05, 2023)

The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to (1) modify the configuration via a request to the debug service on port 4000 or (2) delete log entries via a request to the log service on port 4001.

0

Attacker Value

Unknown

CVE-2014-0757

Disclosure Date: January 31, 2014 (last updated October 05, 2023)

Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.

0

Attacker Value

Unknown

CVE-2013-2781

Disclosure Date: May 23, 2013 (last updated October 05, 2023)

Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.

0

Attacker Value

Unknown

CVE-2012-4705

Disclosure Date: February 24, 2013 (last updated October 05, 2023)

Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.

0

Attacker Value

Unknown

CVE-2012-4704

Disclosure Date: February 24, 2013 (last updated October 05, 2023)

Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.

0

Attacker Value

Unknown

CVE-2012-4708

Disclosure Date: February 24, 2013 (last updated October 05, 2023)

Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.

0

Attacker Value

Unknown

CVE-2012-4706

Disclosure Date: February 24, 2013 (last updated October 05, 2023)

Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow.

0

Attacker Value

Unknown

CVE-2012-4707

Disclosure Date: February 24, 2013 (last updated October 05, 2023)

3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access.

0

Attacker Value

Unknown

CVE-2012-6069

Disclosure Date: January 21, 2013 (last updated October 05, 2023)

Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x allows remote attackers to read, overwrite, or create arbitrary files via a .. (dot dot) in a request to the TCP listener service.

0

Attacker Value

Unknown

CVE-2012-6068

Disclosure Date: January 21, 2013 (last updated October 05, 2023)

The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to (1) execute commands via the command-line interface in the TCP listener service or (2) transfer files via requests to the TCP listener service.

0