Show filters
14 Total Results
Displaying 1-10 of 14
Sort by:
Attacker Value
Unknown
CVE-2018-5440
Disclosure Date: February 15, 2018 (last updated November 26, 2024)
A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19. A crafted request may cause a buffer overflow and could therefore execute arbitrary code on the web server or lead to a denial-of-service condition due to a crash in the web server.
0
Attacker Value
Unknown
CVE-2015-6484
Disclosure Date: October 25, 2015 (last updated October 05, 2023)
3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted (1) GET or (2) POST request.
0
Attacker Value
Unknown
CVE-2015-6482
Disclosure Date: October 18, 2015 (last updated October 05, 2023)
Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted request.
0
Attacker Value
Unknown
CVE-2014-0760
Disclosure Date: April 25, 2014 (last updated October 05, 2023)
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
0
Attacker Value
Unknown
CVE-2014-0769
Disclosure Date: April 25, 2014 (last updated October 05, 2023)
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to (1) modify the configuration via a request to the debug service on port 4000 or (2) delete log entries via a request to the log service on port 4001.
0
Attacker Value
Unknown
CVE-2014-0757
Disclosure Date: January 31, 2014 (last updated October 05, 2023)
Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
0
Attacker Value
Unknown
CVE-2013-2781
Disclosure Date: May 23, 2013 (last updated October 05, 2023)
Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
0
Attacker Value
Unknown
CVE-2012-4705
Disclosure Date: February 24, 2013 (last updated October 05, 2023)
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.
0
Attacker Value
Unknown
CVE-2012-4704
Disclosure Date: February 24, 2013 (last updated October 05, 2023)
Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.
0
Attacker Value
Unknown
CVE-2012-4708
Disclosure Date: February 24, 2013 (last updated October 05, 2023)
Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.
0
