Skip to main content

Codesys Gateway Server

8 CVEs product

Monthly

CVE-2015-6484 MEDIUM This Month

3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted (1) GET or (2) POST request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Codesys Gateway Server
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2015-6460 HIGH This Week

Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Buffer Overflow Codesys Gateway Server
NVD
CVSS 2.0
7.5
EPSS
8.6%
CVE-2013-2781 CRITICAL Act Now

Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Codesys Gateway Server
NVD
CVSS 2.0
10.0
EPSS
3.4%
CVE-2012-4708 CRITICAL Act Now

Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Codesys Gateway Server
NVD
CVSS 2.0
10.0
EPSS
7.5%
CVE-2012-4707 CRITICAL Act Now

3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Codesys Gateway Server
NVD
CVSS 2.0
10.0
EPSS
6.7%
CVE-2012-4706 HIGH This Week

Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Codesys Gateway Server
NVD
CVSS 2.0
7.8
EPSS
0.6%
CVE-2012-4705 CRITICAL POC THREAT Emergency

Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 70.4%.

Path Traversal RCE Codesys Gateway Server
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
70.4%
Threat
5.6
CVE-2012-4704 CRITICAL Act Now

Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.1% and no vendor patch available.

RCE Codesys Gateway Server
NVD
CVSS 2.0
10.0
EPSS
12.1%
EPSS 1% CVSS 5.0
MEDIUM This Month

3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted (1) GET or (2) POST request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Codesys Gateway Server
NVD
EPSS 9% CVSS 7.5
HIGH This Week

Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Buffer Overflow Codesys Gateway Server
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Codesys Gateway Server
NVD
EPSS 7% CVSS 10.0
CRITICAL Act Now

Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Codesys Gateway Server
NVD
EPSS 7% CVSS 10.0
CRITICAL Act Now

3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Codesys Gateway Server
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Codesys Gateway Server
NVD
EPSS 70% 5.6 CVSS 10.0
CRITICAL POC THREAT Emergency

Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 70.4%.

Path Traversal RCE Codesys Gateway Server
NVD Exploit-DB
EPSS 12% CVSS 10.0
CRITICAL Act Now

Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.1% and no vendor patch available.

RCE Codesys Gateway Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy