QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-6027

Back to search

CVE-2017-6027

Published: May 19, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution.

VendorProductVersions

n/a

3S-Smart Software Solutions GmbH CODESYS Web Server

affected
3S-Smart Software Solutions GmbH CODESYS Web Server

Weaknesses (CWE)

CWE-434

References

97174
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now