CVE-2012-4705
3S CODESYS Gateway-Server <2.3.9.27 - Path Traversal
Title source: llmDescription
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/41712
metasploit
WORKING POC
EXCELLENT
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/scada/codesys_gateway_server_traversal.rb
Scores
EPSS
0.7039
EPSS Percentile
98.7%
Details
CWE
CWE-22
Status
published
Products (17)
3s-software/codesys_gateway-server
2.3.5.1
3s-software/codesys_gateway-server
2.3.5.2
3s-software/codesys_gateway-server
2.3.5.3
3s-software/codesys_gateway-server
2.3.6.0
3s-software/codesys_gateway-server
2.3.7.0
3s-software/codesys_gateway-server
2.3.8.0
3s-software/codesys_gateway-server
2.3.8.1
3s-software/codesys_gateway-server
2.3.8.2
3s-software/codesys_gateway-server
2.3.9
3s-software/codesys_gateway-server
2.3.9.1
... and 7 more
Published
Feb 24, 2013
Tracked Since
Feb 18, 2026