An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCodesys Web Server
APPCodesys≤ 2.3
Related vulnerabilities
A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The follo...
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the comm...
In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been...
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enable...
Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- s...