Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
3S CoDeSys CmpWebServer Multiple Vulnerabilities
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The host is running CoDeSys and is prone to multiple vulnerabilities.
Insight
Insight
- A boundary error in the Control service when processing web requests can be exploited to cause a stack-based buffer overflow via an overly long URL sent to TCP port 8080. - A NULL pointer dereference error in the CmbWebserver.dll module of the Control service when processing HTTP POST requests can be exploited to deny processing further requests via a specially crafted 'Content-Length' header sent to TCP port 8080. - A NULL pointer dereference error in the CmbWebserver.dll module of the Control service when processing web requests can be exploited to deny processing further requests by sending a request with an unknown HTTP method to TCP port 8080. - An error in the Control service when processing web requests containing a non existent directory can be exploited to create arbitrary directories within the webroot via requests sent to TCP port 8080. - An integer overflow error in the Gateway service when processing certain requests can be exploited to cause a heap-based buffer overflow via a specially crafted packet sent to TCP port 1217.
Affected Software
Affected Software
3S CoDeSys version 3.4 SP4 Patch 2 and prior.
Solution
Solution
Upgrade to version 3.5 or higher or 2.3.9.32 or higher.