HIGH🇬🇧 English

CVE-2023-6357

CVSS 8.8v3.1pub. 2023-12-05upd. 2024-11-21

A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Codesys Control For Beaglebone Sl

    APP
    Codesys
    < 4.11.0.0
  • Codesys Control For Empc A\/imx6

    APP
    Codesys
    < 4.11.0.0
  • Codesys Control For Iot2000 Sl

    APP
    Codesys
    < 4.11.0.0
  • Codesys Control For Linux Arm Sl

    APP
    Codesys
    < 4.11.0.0
  • Codesys Control For Linux Sl

    APP
    Codesys
    < 4.11.0.0
  • Codesys Control For Pfc100 Sl

    APP
    Codesys
    < 4.11.0.0
  • Codesys Control For Pfc200 Sl

    APP
    Codesys
    < 4.11.0.0
  • Codesys Control For Plcnext Sl

    APP
    Codesys
    < 4.11.0.0
  • Codesys Control For Raspberry Pi Sl

    APP
    Codesys
    < 4.11.0.0
  • Codesys Control For Wago Touch Panels 600 Sl

    APP
    Codesys
    < 4.11.0.0
  • Codesys Runtime Toolkit

    APP
    Codesys
    < 3.5.19.50
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Command Injection
CWE
Referencje

Powiązane podatności

CVE-2022-31806CRITICAL9.8ten sam produkt

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enable...

CVE-2020-10245CRITICAL9.8ten sam produkt

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.

CVE-2019-18858CRITICAL9.8ten sam produkt

CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overf...

CVE-2019-13548CRITICAL9.8ten sam produkt

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or h...

CVE-2019-9010CRITICAL9.8ten sam produkt

An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the own...