CVE-2021-30195

HIGH

CODESYS V2 <2.4.7.55 - SQL Injection

Title source: llm
STIX 2.1

Description

CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.

References (2)

Core 2
Core References
Permissions Required, Vendor Advisory x_refsource_misc
https://customers.codesys.com/index.php

Scores

CVSS v3 7.5
EPSS 0.0042
EPSS Percentile 62.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-125
Status published
Products (29)
codesys/plcwinnt < 2.4.7.55
codesys/runtime_toolkit < 2.4.7.55
wago/750-8202_firmware < 03.06.19_\(18\)
wago/750-8203_firmware < 03.06.19_\(18\)
wago/750-8204_firmware < 03.06.19_\(18\)
wago/750-8206_firmware < 03.06.19_\(18\)
wago/750-8207_firmware < 03.06.19_\(18\)
wago/750-8208_firmware < 03.06.19_\(18\)
wago/750-8210_firmware < 03.06.19_\(18\)
wago/750-8211_firmware < 03.06.19_\(18\)
... and 19 more
Published May 25, 2021
Tracked Since Feb 18, 2026