3s-software Codesys_runtime_system
6 CVEs affecting 3s-software Codesys_runtime_system. Latest disclosed: 2018-02-15. Critical: 3, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-6069 | Critical | 10.0 | 2013-01-21 | The CoDeSys Runtime Toolkit’s file transfer functionality does not perform input validation, which allows an attacker to access files and directories outside… |
CVE-2018-5440 | Critical | 9.8 | 2018-02-15 | A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers r… |
CVE-2012-6068 | Critical | 9.8 | 2013-01-21 | The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to execute commands via the comman… |
CVE-2015-6482 | | 2015-10-18 | Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and applicat… | |
CVE-2014-0769 | | 2014-04-25 | The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for conne… | |
CVE-2014-0760 | | 2014-04-25 | The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method… |