Description
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.
References (2)
Core 2
Core References
Permissions Required, Vendor Advisory x_refsource_misc
https://customers.codesys.com/index.php
Vendor Advisory x_refsource_misc
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14727&token=25159b0fc4355f4c6bc2e074a519a9d0cdb23fbb&download=
Scores
CVSS v3
5.3
EPSS
0.0027
EPSS Percentile
18.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-78
Status
published
Products (28)
codesys/runtime_toolkit
< 2.4.7.55
wago/750-8202_firmware
< 03.06.19_\(18\)
wago/750-8203_firmware
< 03.06.19_\(18\)
wago/750-8204_firmware
< 03.06.19_\(18\)
wago/750-8206_firmware
< 03.06.19_\(18\)
wago/750-8207_firmware
< 03.06.19_\(18\)
wago/750-8208_firmware
< 03.06.19_\(18\)
wago/750-8210_firmware
< 03.06.19_\(18\)
wago/750-8211_firmware
< 03.06.19_\(18\)
wago/750-8212_firmware
< 03.06.19_\(18\)
... and 18 more
Published
May 25, 2021
Tracked Since
Feb 18, 2026