A specially crafted web server request may allow the upload of arbitrary files to the CODESYS Web Server without authorization which may allow remote code execution.
A malicious user could overflow a buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.
A malicious user could overflow a buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name