Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

3S CoDeSys CmpWebServer Multiple Vulnerabilities

Information

Severity

Severity

Critical

Family

Family

Buffer overflow

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

11 years ago

Modified

Modified

4 years ago

Summary

The host is running CoDeSys and is prone to multiple vulnerabilities.

Insight

Insight

- A boundary error in the Control service when processing web requests can be exploited to cause a stack-based buffer overflow via an overly long URL sent to TCP port 8080. - A NULL pointer dereference error in the CmbWebserver.dll module of the Control service when processing HTTP POST requests can be exploited to deny processing further requests via a specially crafted 'Content-Length' header sent to TCP port 8080. - A NULL pointer dereference error in the CmbWebserver.dll module of the Control service when processing web requests can be exploited to deny processing further requests by sending a request with an unknown HTTP method to TCP port 8080. - An error in the Control service when processing web requests containing a non existent directory can be exploited to create arbitrary directories within the webroot via requests sent to TCP port 8080. - An integer overflow error in the Gateway service when processing certain requests can be exploited to cause a heap-based buffer overflow via a specially crafted packet sent to TCP port 1217.

Affected Software

Affected Software

3S CoDeSys version 3.4 SP4 Patch 2 and prior.

Solution

Solution

Upgrade to version 3.5 or higher or 2.3.9.32 or higher.

Common Vulnerabilities and Exposures (CVE)