Produkt Web server (...) - CVEMAP.ORG

Podatności dla 'Web server'

2017-05-18

CVE-2017-6027

CWE-434

An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution.

CVE-2017-6025

CWE-119

A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overflow the stack buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.

>>> Vendor: Codesys 46 Produkty

Control for beaglebone

Control for empc-a/imx6

Control for iot2000

Control for pfc100

Control for pfc200

Control for raspberry pi

Control for empc-a\/imx6

Control for linux

Control for plcnext

Control runtime system toolkit

Embedded target visu toolkit

Remote target visu toolkit

Runtime toolkit

Simulation runtime

Development system

Control for wago touch panels 600

Automation server

V2 runtime system sp

Control for beaglebone sl

Control for beckhoff cx9020

Control for empc-a\/imx6 sl

Control for iot2000 sl

Control for linux sl

Control for pfc100 sl

Control for pfc200 sl

Control for plcnext sl

Control for raspberry pi sl

Control for wago touch panels 600 sl

Control rte sl \(for beckhoff cx\)

Copyright 2024, cxsecurity.com