Search criteria
23 vulnerabilities found for 750-8207 by wago
VAR-202212-1959
Vulnerability from variot - Updated: 2025-10-03 21:55In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device. Pilz PMC A programming tool is vulnerable to the use of weak password hashes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-1959",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "control for raspberry pi",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "controller cecc-d",
"scope": "eq",
"trust": 1.0,
"vendor": "festo",
"version": "2.3.8.1"
},
{
"model": "762-4203\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4301\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "control rte v3",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "762-4302\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-6303\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "control for linux",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "hmi v3",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "762-5203\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4202\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-6203\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4205\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-6302\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8100",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "pmc",
"scope": "lt",
"trust": 1.0,
"vendor": "pilz",
"version": "3.5.17"
},
{
"model": "v3 simulation runtime",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-5306\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "controller cecc-lk",
"scope": "eq",
"trust": 1.0,
"vendor": "festo",
"version": "2.3.8.0"
},
{
"model": "control for plcnext",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "controller cecc-lk",
"scope": "eq",
"trust": 1.0,
"vendor": "festo",
"version": "2.3.8.1"
},
{
"model": "762-4204\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4205\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4303\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4306\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-6202\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4304\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4201\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8102",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8215",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4305\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "752-8303\\/8000-0002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "controller cecc-s",
"scope": "eq",
"trust": 1.0,
"vendor": "festo",
"version": "2.3.8.0"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "controller cecc-s",
"scope": "eq",
"trust": 1.0,
"vendor": "festo",
"version": "2.3.8.1"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "pmc",
"scope": "gte",
"trust": 1.0,
"vendor": "pilz",
"version": "3.0.0"
},
{
"model": "control v3 runtime system toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "762-5305\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8217",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": null
},
{
"model": "control win v3",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "762-5205\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-5206\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-6201\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "control for empc-a\\/imx6",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "762-4206\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-4206\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "control for pfc100",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "control for iot2000",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "762-5204\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-6301\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-6304\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "control for beaglebone",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "control for pfc200",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.16.0"
},
{
"model": "762-5304\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-5303\\/8000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "762-6204\\/8000-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8101",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "controller cecc-d",
"scope": "eq",
"trust": 1.0,
"vendor": "festo",
"version": "2.3.8.0"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19\\(18\\)"
},
{
"model": "pmc",
"scope": "eq",
"trust": 0.8,
"vendor": "pilz",
"version": "3.5.17"
},
{
"model": "pmc",
"scope": "lt",
"trust": 0.8,
"vendor": "pilz",
"version": "3.x"
},
{
"model": "pmc",
"scope": "eq",
"trust": 0.8,
"vendor": "pilz",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004118"
},
{
"db": "NVD",
"id": "CVE-2020-12069"
}
]
},
"cve": "CVE-2020-12069",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "info@cert.vde.com",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-12069",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-12069",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "info@cert.vde.com",
"id": "CVE-2020-12069",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2020-12069",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-12069",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-3933",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3933"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004118"
},
{
"db": "NVD",
"id": "CVE-2020-12069"
},
{
"db": "NVD",
"id": "CVE-2020-12069"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device. Pilz PMC A programming tool is vulnerable to the use of weak password hashes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-12069"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004118"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-12069",
"trust": 3.2
},
{
"db": "CERT@VDE",
"id": "VDE-2021-061",
"trust": 2.4
},
{
"db": "CERT@VDE",
"id": "VDE-2022-022",
"trust": 1.0
},
{
"db": "CERT@VDE",
"id": "VDE-2022-031",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-25-273-04",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90492166",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004118",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3933",
"trust": 0.6
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3933"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004118"
},
{
"db": "NVD",
"id": "CVE-2020-12069"
}
]
},
"id": "VAR-202212-1959",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4538690433333333
},
"last_update_date": "2025-10-03T21:55:02.035000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "top page",
"trust": 0.8,
"url": "https://www.pilz.com/ja-INT"
},
{
"title": "Pilz PMC programming tool Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=220121"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3933"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004118"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-916",
"trust": 1.0
},
{
"problemtype": "Use of weak password hashes (CWE-916) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004118"
},
{
"db": "NVD",
"id": "CVE-2020-12069"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://cert.vde.com/en/advisories/vde-2021-061/"
},
{
"trust": 1.0,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=12943\u0026token=d097958a67ba382de688916f77e3013c0802fade\u0026download="
},
{
"trust": 1.0,
"url": "https://cert.vde.com/en/advisories/vde-2022-031/"
},
{
"trust": 1.0,
"url": "https://cert.vde.com/en/advisories/vde-2022-022/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90492166/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12069"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-273-04"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2020-12069/"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3933"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004118"
},
{
"db": "NVD",
"id": "CVE-2020-12069"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3933"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004118"
},
{
"db": "NVD",
"id": "CVE-2020-12069"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-3933"
},
{
"date": "2023-03-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-004118"
},
{
"date": "2022-12-26T19:15:10.520000",
"db": "NVD",
"id": "CVE-2020-12069"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-3933"
},
{
"date": "2025-10-02T06:35:00",
"db": "JVNDB",
"id": "JVNDB-2022-004118"
},
{
"date": "2025-05-05T14:15:00.537000",
"db": "NVD",
"id": "CVE-2020-12069"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3933"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pilz\u00a0PMC\u00a0 Vulnerability in using weak password hashes in programming tools",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004118"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3933"
}
],
"trust": 0.6
}
}
VAR-202110-1142
Vulnerability from variot - Updated: 2025-08-16 23:21A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1142",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "plcwinnt",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.56"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "codesys",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.22"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "runtime toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.56"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "plcwinnt",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "runtime toolkit",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": "2.4.7.56"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014194"
},
{
"db": "NVD",
"id": "CVE-2021-34596"
}
]
},
"cve": "CVE-2021-34596",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2021-34596",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34596",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-014194",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-34596",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2021-34596",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-34596",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-1825",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014194"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1825"
},
{
"db": "NVD",
"id": "CVE-2021-34596"
},
{
"db": "NVD",
"id": "CVE-2021-34596"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34596"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014194"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34596",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014194",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1825",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014194"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1825"
},
{
"db": "NVD",
"id": "CVE-2021-34596"
}
]
},
"id": "VAR-202110-1142",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T23:21:27.177000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-17",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16878\u0026token=e5644ec405590e66aefa62304cb8632df9fc9e9c\u0026download="
},
{
"title": "CODESYS Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167877"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014194"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1825"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-824",
"trust": 1.0
},
{
"problemtype": "Accessing uninitialized pointers (CWE-824) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014194"
},
{
"db": "NVD",
"id": "CVE-2021-34596"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=16878\u0026token=e5644ec405590e66aefa62304cb8632df9fc9e9c\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34596"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014194"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1825"
},
{
"db": "NVD",
"id": "CVE-2021-34596"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014194"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1825"
},
{
"db": "NVD",
"id": "CVE-2021-34596"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-014194"
},
{
"date": "2021-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1825"
},
{
"date": "2021-10-26T10:15:08.127000",
"db": "NVD",
"id": "CVE-2021-34596"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T06:54:00",
"db": "JVNDB",
"id": "JVNDB-2021-014194"
},
{
"date": "2021-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1825"
},
{
"date": "2025-08-15T20:24:15.653000",
"db": "NVD",
"id": "CVE-2021-34596"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1825"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0Runtime\u00a0Toolkit\u00a032\u00a0Bit\u00a0full\u00a0 and \u00a0PLCWinNT\u00a0 Vulnerability in accessing uninitialized pointers in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014194"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1825"
}
],
"trust": 0.6
}
}
VAR-202110-1143
Vulnerability from variot - Updated: 2025-08-16 23:19A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT contains a vulnerability related to the use of out-of-bounds pointer offsets.Information is tampered with and service operation is interrupted (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1143",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "plcwinnt",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.56"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "codesys",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.22"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "runtime toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.56"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "plcwinnt",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "runtime toolkit",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": "2.4.7.56"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014195"
},
{
"db": "NVD",
"id": "CVE-2021-34595"
}
]
},
"cve": "CVE-2021-34595",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2021-34595",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34595",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-014195",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-34595",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2021-34595",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-34595",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-1824",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014195"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1824"
},
{
"db": "NVD",
"id": "CVE-2021-34595"
},
{
"db": "NVD",
"id": "CVE-2021-34595"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT contains a vulnerability related to the use of out-of-bounds pointer offsets.Information is tampered with and service operation is interrupted (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34595"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014195"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34595",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014195",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1824",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014195"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1824"
},
{
"db": "NVD",
"id": "CVE-2021-34595"
}
]
},
"id": "VAR-202110-1143",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T23:19:55.535000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-17",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16878\u0026token=e5644ec405590e66aefa62304cb8632df9fc9e9c\u0026download="
},
{
"title": "CODESYS Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=167876"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014195"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1824"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-823",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "Using out-of-bounds pointer offsets (CWE-823) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014195"
},
{
"db": "NVD",
"id": "CVE-2021-34595"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=16878\u0026token=e5644ec405590e66aefa62304cb8632df9fc9e9c\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34595"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014195"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1824"
},
{
"db": "NVD",
"id": "CVE-2021-34595"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014195"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1824"
},
{
"db": "NVD",
"id": "CVE-2021-34595"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-014195"
},
{
"date": "2021-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1824"
},
{
"date": "2021-10-26T10:15:08.070000",
"db": "NVD",
"id": "CVE-2021-34595"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T06:56:00",
"db": "JVNDB",
"id": "JVNDB-2021-014195"
},
{
"date": "2022-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1824"
},
{
"date": "2025-08-15T20:25:40.657000",
"db": "NVD",
"id": "CVE-2021-34595"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1824"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0Runtime\u00a0Toolkit\u00a032\u00a0Bit\u00a0full\u00a0 and \u00a0PLCWinNT\u00a0 Use of out-of-bounds pointer offset vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014195"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1824"
}
],
"trust": 0.6
}
}
VAR-202110-1253
Vulnerability from variot - Updated: 2025-08-16 23:08In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1253",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "codesys",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.22"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "codesys",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "codesys",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": "1.1.9.22"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"db": "NVD",
"id": "CVE-2021-34586"
}
]
},
"cve": "CVE-2021-34586",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-34586",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-34586",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-014202",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-34586",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2021-34586",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-34586",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-1818",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-34586",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-34586"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1818"
},
{
"db": "NVD",
"id": "CVE-2021-34586"
},
{
"db": "NVD",
"id": "CVE-2021-34586"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34586"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"db": "VULMON",
"id": "CVE-2021-34586"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34586",
"trust": 3.3
},
{
"db": "TENABLE",
"id": "TRA-2021-47",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014202",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1818",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-34586",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-34586"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1818"
},
{
"db": "NVD",
"id": "CVE-2021-34586"
}
]
},
"id": "VAR-202110-1253",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T23:08:29.572000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-15",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16876\u0026token=a3f1d937f95e7034879f4f2ea8e5a99b168256a7\u0026download="
},
{
"title": "CODESYS Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167871"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1818"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "NULL Pointer dereference (CWE-476) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"db": "NVD",
"id": "CVE-2021-34586"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.tenable.com/security/research/tra-2021-47"
},
{
"trust": 1.7,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=16876\u0026token=a3f1d937f95e7034879f4f2ea8e5a99b168256a7\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34586"
},
{
"trust": 0.2,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-34586"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1818"
},
{
"db": "NVD",
"id": "CVE-2021-34586"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-34586"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1818"
},
{
"db": "NVD",
"id": "CVE-2021-34586"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-34586"
},
{
"date": "2022-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"date": "2021-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1818"
},
{
"date": "2021-10-26T10:15:07.957000",
"db": "NVD",
"id": "CVE-2021-34586"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-28T00:00:00",
"db": "VULMON",
"id": "CVE-2021-34586"
},
{
"date": "2022-10-07T07:36:00",
"db": "JVNDB",
"id": "JVNDB-2021-014202"
},
{
"date": "2021-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1818"
},
{
"date": "2025-08-15T20:26:04.430000",
"db": "NVD",
"id": "CVE-2021-34586"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1818"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0 on the web server \u00a0NULL\u00a0 Pointer dereference vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014202"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1818"
}
],
"trust": 0.6
}
}
VAR-202110-1254
Vulnerability from variot - Updated: 2025-08-16 23:08Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1254",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "codesys",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.22"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "codesys",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "codesys",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": "1.1.9.22"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014204"
},
{
"db": "NVD",
"id": "CVE-2021-34584"
}
]
},
"cve": "CVE-2021-34584",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-34584",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-34584",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-014204",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-34584",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2021-34584",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-34584",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-1819",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014204"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1819"
},
{
"db": "NVD",
"id": "CVE-2021-34584"
},
{
"db": "NVD",
"id": "CVE-2021-34584"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34584"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014204"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34584",
"trust": 3.2
},
{
"db": "TENABLE",
"id": "TRA-2021-47",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014204",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1819",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014204"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1819"
},
{
"db": "NVD",
"id": "CVE-2021-34584"
}
]
},
"id": "VAR-202110-1254",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T23:08:29.548000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-15",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16876\u0026token=a3f1d937f95e7034879f4f2ea8e5a99b168256a7\u0026download="
},
{
"title": "CODESYS Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=168568"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014204"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1819"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-126",
"trust": 1.0
},
{
"problemtype": "buffer over read (CWE-126) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014204"
},
{
"db": "NVD",
"id": "CVE-2021-34584"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.tenable.com/security/research/tra-2021-47"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=16876\u0026token=a3f1d937f95e7034879f4f2ea8e5a99b168256a7\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34584"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014204"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1819"
},
{
"db": "NVD",
"id": "CVE-2021-34584"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014204"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1819"
},
{
"db": "NVD",
"id": "CVE-2021-34584"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-014204"
},
{
"date": "2021-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1819"
},
{
"date": "2021-10-26T10:15:07.850000",
"db": "NVD",
"id": "CVE-2021-34584"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T07:55:00",
"db": "JVNDB",
"id": "JVNDB-2021-014204"
},
{
"date": "2022-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1819"
},
{
"date": "2025-08-15T20:26:40.257000",
"db": "NVD",
"id": "CVE-2021-34584"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1819"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0 Buffer Overread Vulnerability in Web Server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014204"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1819"
}
],
"trust": 0.6
}
}
VAR-202110-1618
Vulnerability from variot - Updated: 2025-08-16 23:08In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation. CODESYS V2 An unchecked return value vulnerability exists in web servers.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1618",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "codesys",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.22"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "codesys",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "codesys",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": "1.1.9.22"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014203"
},
{
"db": "NVD",
"id": "CVE-2021-34585"
}
]
},
"cve": "CVE-2021-34585",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-34585",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-34585",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-014203",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-34585",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2021-34585",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-34585",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-1821",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014203"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1821"
},
{
"db": "NVD",
"id": "CVE-2021-34585"
},
{
"db": "NVD",
"id": "CVE-2021-34585"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation. CODESYS V2 An unchecked return value vulnerability exists in web servers.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34585"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014203"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34585",
"trust": 3.2
},
{
"db": "TENABLE",
"id": "TRA-2021-47",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014203",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1821",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014203"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1821"
},
{
"db": "NVD",
"id": "CVE-2021-34585"
}
]
},
"id": "VAR-202110-1618",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T23:08:29.526000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-15",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16876\u0026token=a3f1d937f95e7034879f4f2ea8e5a99b168256a7\u0026download="
},
{
"title": "CODESYS Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167874"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014203"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1821"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-252",
"trust": 1.0
},
{
"problemtype": "Unchecked return value (CWE-252) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014203"
},
{
"db": "NVD",
"id": "CVE-2021-34585"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.tenable.com/security/research/tra-2021-47"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=16876\u0026token=a3f1d937f95e7034879f4f2ea8e5a99b168256a7\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34585"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014203"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1821"
},
{
"db": "NVD",
"id": "CVE-2021-34585"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014203"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1821"
},
{
"db": "NVD",
"id": "CVE-2021-34585"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-014203"
},
{
"date": "2021-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1821"
},
{
"date": "2021-10-26T10:15:07.907000",
"db": "NVD",
"id": "CVE-2021-34585"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T07:48:00",
"db": "JVNDB",
"id": "JVNDB-2021-014203"
},
{
"date": "2021-11-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1821"
},
{
"date": "2025-08-15T20:26:31.073000",
"db": "NVD",
"id": "CVE-2021-34585"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1821"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0 Unchecked Return Value Vulnerability in Web Servers",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014203"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1821"
}
],
"trust": 0.6
}
}
VAR-202110-1255
Vulnerability from variot - Updated: 2025-08-16 23:08Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. CODESYS V2 Web servers contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1255",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "codesys",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.22"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw10"
},
{
"model": "codesys",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "codesys",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": "1.1.9.22"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014205"
},
{
"db": "NVD",
"id": "CVE-2021-34583"
}
]
},
"cve": "CVE-2021-34583",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-34583",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-34583",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-014205",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-34583",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2021-34583",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-34583",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-1820",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014205"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1820"
},
{
"db": "NVD",
"id": "CVE-2021-34583"
},
{
"db": "NVD",
"id": "CVE-2021-34583"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. CODESYS V2 Web servers contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34583"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014205"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34583",
"trust": 3.2
},
{
"db": "TENABLE",
"id": "TRA-2021-47",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014205",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1820",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014205"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1820"
},
{
"db": "NVD",
"id": "CVE-2021-34583"
}
]
},
"id": "VAR-202110-1255",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T23:08:29.500000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-15",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16876\u0026token=a3f1d937f95e7034879f4f2ea8e5a99b168256a7\u0026download="
},
{
"title": "CODESYS Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167873"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014205"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1820"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-122",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014205"
},
{
"db": "NVD",
"id": "CVE-2021-34583"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.tenable.com/security/research/tra-2021-47"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=16876\u0026token=a3f1d937f95e7034879f4f2ea8e5a99b168256a7\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34583"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014205"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1820"
},
{
"db": "NVD",
"id": "CVE-2021-34583"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014205"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1820"
},
{
"db": "NVD",
"id": "CVE-2021-34583"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-014205"
},
{
"date": "2021-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1820"
},
{
"date": "2021-10-26T10:15:07.607000",
"db": "NVD",
"id": "CVE-2021-34583"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T07:58:00",
"db": "JVNDB",
"id": "JVNDB-2021-014205"
},
{
"date": "2021-11-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1820"
},
{
"date": "2025-08-15T20:26:48.343000",
"db": "NVD",
"id": "CVE-2021-34583"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1820"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0 Out-of-Bounds Write Vulnerability in Web Server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014205"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1820"
}
],
"trust": 0.6
}
}
VAR-202110-1617
Vulnerability from variot - Updated: 2025-08-16 23:08In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing the PLC.
Vulnerability overview/description:
The CODESYS Control runtime system is the core of many PLCs. The runtime is accepting TCP connections on a pre-configured port to connect to the development system.
CODESYS released a dedicated security note, which corresponds to this advisory: https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16877&token=8faab0fc1e069f4edfca5d5aba8146139f67a175
Proof of concept:
A detailed proof of concept will be made public after the affected product vendors had time to provide new firmware versions. 2021-08-11: Vendor states that this issue was already fixed in a recent CODESYS release. The vendor is notified again about this outcome.
Workaround:
To mitigate this issue, access to the CODESYS service port of the affected devices should be limited as far as possible. In the long run, the updated firmware of the product vendor containing a patched CODESYS service must be installed. SEC Consult Vulnerability Lab Security Advisory < 20220126-0 > ======================================================================= title: Denial of service & User Enumeration product: WAGO 750-8xxx PLC vulnerable version: < Firmware 20 Patch 1 (v03.08.08) fixed version: Firmware 20 Patch 1 (v03.08.08) CVE number: CVE-2021-34593 impact: Medium homepage: https://www.wago.com/ found: 2021-05-05 by: SEC Consult Vulnerability Lab These vulnerabilities were discovered during the research cooperation initiative "OT Cyber Security Lab" between Verbund AG and SEC Consult Group. Gerhard Hechenberger (Office Vienna) Steffen Robertz (Office Vienna)
An integrated part of SEC Consult, an Atos company
Europe | Asia | North America
https://www.sec-consult.com
=======================================================================
Vendor description:
"Optimum performance and availability: Thanks to their ultra-high performance, low power consumption, numerous interfaces, space-saving design and high reliability, WAGO’s user-friendly controllers (PLCs) are cost-effective automation solutions. For optimal automation both inside and outside the control cabinet: the flexible IP20 remote I/O systems for all applications and environments."
Source: https://www.wago.com/us/c/controllers-bus-couplers-i-o
Business recommendation:
WAGO's customers should upgrade the firmware to the latest version available.
A thorough security review should be performed by security professionals to identify further security issues.
Vulnerability overview/description:
1) Denial of Service (Codesys) (CVE-2021-34593) The "plclinux_rt" binary is listening on port 2455. It handles communication with the CODESYS suite. By sending requests that define an invalid packet size, a malloc error can be triggered. This leads to a denial of service of the remote connectivity of the codesys service.
This was also reported to and released together with CODESYS, find the corresponding advisories here: https://sec-consult.com/vulnerability-lab/advisory/codesys-v2-denial-of-service/ https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16877&token=8faab0fc1e069f4edfca5d5aba8146139f67a175
2) Enumeration of Users Due to a time-based side channel vulnerability, it can be derived which usernames are valid. This eases the process of brute-forcing valid credentials.
3) Outdated Software with Known Vulnerabilities The PLC is using multiple outdated software components with known exploits.
4) Insufficient Hardening of Binaries Multiple binaries are not compiled with available security features. This will ease further attacks once a memory corruption vulnerability has been spotted.
Proof of concept:
1) Denial of Service (Codesys) (CVE-2021-34593) Codesys packet headers are structured like below (pseudo code):
struct codesys_header { uint16_t magic, int32_t packet_size }
The magic bytes will be 0xbbbb. By defining a packet size of 0xffffffff, a size of 4 GB is defined. The following pseudo code will be used to handle the request:
allocated_mem = (byte)SysAllocDataMemory(coedesys_header.packet_size); buffer_info->recv_buf_wout_header = allocated_mem; if (allocated_mem == (byte )0x0) { return; }
As 4GB of memory aren't available, malloc will return a NULL pointer, which is passed back through the SysAllocDataMemory() function and the return statement in the pseudo code will be hit. Thus, the TCPServerTask() function will return. The file descriptor for the client is not cleared in advance. Therefore, the socket stays open indefinitely. A new client will open the next file descriptor. As only 19 clients are allowed to be connected simultaneously, it is sufficient to send 19 requests with a wrong packet length to force the PLC into a state where it will refuse further connections to the Codesys service.
The current implementation is missing the call to SysSockClose() once a buffer allocation fails.
2) Enumeration of Users A time-based side channel vulnerability in the webserver's authentication method is leaking information about valid usernames. The following code snippet is used in the login method:
// get password file and iterate over every line $pwFileArray = file($passwordFilename); foreach($pwFileArray as $lineNo => $pwFileLine) { // extract username and user password $passwordFileData = explode(':', trim($pwFileLine)); // if username was found in line, verify given password with user password if(isset($passwordFileData[0]) && ($passwordFileData[0] === $username)) { $pwCorrect = password_verify($password, $passwordFileData[1]); break; } }
The password hash is only calculated if the username is found to be valid. As the PLC has limited computational power, this results in different timings for the response depending on the validity of the username. The following script can be used to find valid users. The parameter 'delay_valid' might need to be adjusted to the network speed:
!/usr/sbin/python
import requests import sys import urllib3 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
delay_valid = 0.2
f = open(sys.argv[1],"r");
for user in f.readlines(): payload = {"username":user.replace('\n',''),"password":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"} cnt = 0 for i in range(5): try: r = requests.post("https:///wbm/php/authentication/login.php", json=payload, timeout=delay_valid, verify=False) except: cnt = cnt +1 if cnt >=3: print("[*]Valid User: {}".format(user))
3) Outdated Software with Known Vulnerabilities Following outdated and vulnerable components were identified by using the IoT Inspector firmware analysis tool:
- Dsnmasq 2.80: 9 CVEs
- Bash 4.4.23: 1 CVE
- GNU glibc 2.30: 12 CVEs
- Linux Kernel 4.9.146: 663 CVEs
- OpenSSL 1.0.1: 103 CVEs
- BusyBox 1.30.1: 2 CVEs
- Curl 7.72.0: 1 CVE
- OpenSSH 7.9p1: 4 CVEs
- PHP 7.3.15: 11 CVEs
- Wpa_supplicant 2.6: 20 CVEs
- NET-SNMP 5.8: 1 CVE
- Libpcap 1.8.1: 5 CVEs
- Info-ZIP 3.0: 13 CVEs
4) Insufficient Hardening of Binaries The following features were extracted with the IoT Inspector: - 1.9% of all executables support full RELRO - 84.6% support partial RELRO - Only 3.6% of all executables make use of stack canaries - 58.9% are using ASLR/PIE
The plclinux_rt binary is an example of a particularly vulnerable binary. It accepts user input on port 2455 and is missing all compile-time security features. Thus, it's a perfect candidate to successfully exploit any identified buffer overflow.
Vulnerable / tested versions:
The following versions have been tested and found to be vulnerable: * WAGO 750-8xxx Firmware 18 (v03.06.11) * WAGO 750-8xxx Firmware 15 (v03.03.10)
Vendor contact timeline:
2021-05-25: Contacting vendor through support.at@wago.com, asking for security contact information. Support informed about their PSIRT team. Set preliminary release date to 2021-07-14. 2021-05-26: Contacting PSIRT through psirt@wago.com for encryption options. 2021-05-27: Received PGP key from PSIRT, transmitted encrypted advisory to psirt@wago.com. 2021-05-31: Wago PSIRT notifies about decryption problems. 2021-06-02: Wago PSIRT redirects to VDE CERT for encrypted transmission. Transmitted encrypted advisory to info@cert.vde.com. Set release date to 2021-07-22. Wago PSIRT resolves decryption problems. 2021-06-07: Received confirmation from VDE CERT. 2021-08-11: On request, Wago PSIRT informs about the investigation results and mentions that the DoS was already reported and is fixed with firmware 18 patch 3. 2021-08-18: A check on the most recent public firmware release v18 (v03.06.19) shows that the vulnerability still exists. Wago PSIRT is notified. 2021-09-01: Wago PSIRT confirms and ensures the issue is investigated. 2021-09-29: Request status from Wago PSIRT. Set new release date to 2021-11-16. 2021-09-30: Wago PSIRT states that CODESYS provided a fix which is currently tested and to wait for a coordinated release with CODESYS. 2021-10-15: CODESYS informs about the assigned CVE-2021-34593 and the planned publishing date. 2021-10-18: Requesting information from Wago on an updated firmware version. 2021-10-19: Wago PSIRT states that they just received the new CODESYS sources and it will take some more weeks to create a new firmware release. 2021-10-28: CODESYS vulnerability CVE-2021-34593 is released in a coordinated manner together with CODESYS group without exploit details. 2021-11-30: Request status from Wago PSIRT on new firmware release. 2022-01-17: Request status from Wago PSIRT on new firmware release again. 2022-01-18: Wago PSIRT informs that firmware 20 Patch 1 released on January 10, 2022 fixes the remaining issue. The firmware was not yet published on their website. 2022-01-26: Release of security advisory.
Solution:
Immediately update the PLCs to the fixed firmware version provided by the vendor to mitigate CVE-2021-34593.
The fixed firmware release 20 patch 1 can be obtained from https://www.wago.com/de/d/6599873
Regarding vulnerability 2) As stated by Wago, there are only two possible default usernames. Therefore, the username enumeration may not gain additional information and this will not be changed.
Additionally, due to varying release cycles, there is a delay in updating components (affecting the other identified vulnerabilities). It is planned to change to a new distribution release with firmware 20.
Workaround:
None
Advisory URL:
https://sec-consult.com/vulnerability-lab/
SEC Consult Vulnerability Lab
SEC Consult, an Atos company
Europe | Asia | North America
About SEC Consult Vulnerability Lab
The SEC Consult Vulnerability Lab is an integrated part of SEC Consult, an
Atos company. It ensures the continued knowledge gain of SEC Consult in the
field of network and application security to stay ahead of the attacker. The
SEC Consult Vulnerability Lab supports high-quality penetration testing and
the evaluation of new offensive and defensive technologies for our customers.
Hence our customers obtain the most current information about vulnerabilities
and valid recommendation about the risk profile of new technologies.
Interested to work with the experts of SEC Consult? Send us your application https://sec-consult.com/career/
Interested in improving your cyber security with the experts of SEC Consult? Contact our local offices https://sec-consult.com/contact/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mail: research at sec-consult dot com Web: https://www.sec-consult.com Blog: http://blog.sec-consult.com Twitter: https://twitter.com/sec_consult
EOF Gerhard Hechenberger, Steffen Robertz / @2022
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1617",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "plcwinnt",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.56"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "runtime toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.56"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw20"
},
{
"model": "plcwinnt",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "runtime toolkit",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": "2.4.7.56"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"db": "NVD",
"id": "CVE-2021-34593"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gerhard Hechenberger, S. Robertz",
"sources": [
{
"db": "PACKETSTORM",
"id": "164716"
}
],
"trust": 0.1
},
"cve": "CVE-2021-34593",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-34593",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-34593",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-014196",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-34593",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2021-34593",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-34593",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-1823",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1823"
},
{
"db": "NVD",
"id": "CVE-2021-34593"
},
{
"db": "NVD",
"id": "CVE-2021-34593"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing the PLC. \n\n\nVulnerability overview/description:\n-----------------------------------\nThe CODESYS Control runtime system is the core of many PLCs. The runtime is\naccepting TCP connections on a pre-configured port to connect to the\ndevelopment system. \n\nCODESYS released a dedicated security note, which corresponds to this advisory:\nhttps://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16877\u0026token=8faab0fc1e069f4edfca5d5aba8146139f67a175\n\n\nProof of concept:\n-----------------\nA detailed proof of concept will be made public after the affected product\nvendors had time to provide new firmware versions. \n2021-08-11: Vendor states that this issue was already fixed in a recent CODESYS\n release. The vendor is notified\n again about this outcome. \n\n\nWorkaround:\n-----------\nTo mitigate this issue, access to the CODESYS service port of the affected\ndevices should be limited as far as possible. In the long run, the updated\nfirmware of the product vendor containing a patched CODESYS service must be\ninstalled. SEC Consult Vulnerability Lab Security Advisory \u003c 20220126-0 \u003e\n=======================================================================\n title: Denial of service \u0026 User Enumeration\n product: WAGO 750-8xxx PLC\n vulnerable version: \u003c Firmware 20 Patch 1 (v03.08.08)\n fixed version: Firmware 20 Patch 1 (v03.08.08)\n CVE number: CVE-2021-34593\n impact: Medium\n homepage: https://www.wago.com/\n found: 2021-05-05\n by: SEC Consult Vulnerability Lab\n These vulnerabilities were discovered during the research\n cooperation initiative \"OT Cyber Security Lab\" between\n Verbund AG and SEC Consult Group. \n Gerhard Hechenberger (Office Vienna)\n Steffen Robertz (Office Vienna)\n\n An integrated part of SEC Consult, an Atos company\n Europe | Asia | North America\n\n https://www.sec-consult.com\n\n=======================================================================\n\nVendor description:\n-------------------\n\"Optimum performance and availability: Thanks to their ultra-high performance,\nlow power consumption, numerous interfaces, space-saving design and high\nreliability, WAGO\u2019s user-friendly controllers (PLCs) are cost-effective\nautomation solutions. For optimal automation both inside and outside the\ncontrol cabinet: the flexible IP20 remote I/O systems for all applications\nand environments.\"\n\nSource: https://www.wago.com/us/c/controllers-bus-couplers-i-o\n\n\nBusiness recommendation:\n------------------------\nWAGO\u0027s customers should upgrade the firmware to the latest version available. \n\nA thorough security review should be performed by security professionals to\nidentify further security issues. \n\n\nVulnerability overview/description:\n-----------------------------------\n1) Denial of Service (Codesys) (CVE-2021-34593)\nThe \"plclinux_rt\" binary is listening on port 2455. It handles communication with\nthe CODESYS suite. By sending requests that define an invalid packet size, a\nmalloc error can be triggered. This leads to a denial of service of the remote\nconnectivity of the codesys service. \n\nThis was also reported to and released together with CODESYS, find the\ncorresponding advisories here:\nhttps://sec-consult.com/vulnerability-lab/advisory/codesys-v2-denial-of-service/\nhttps://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16877\u0026token=8faab0fc1e069f4edfca5d5aba8146139f67a175\n\n\n2) Enumeration of Users\nDue to a time-based side channel vulnerability, it can be derived which\nusernames are valid. This eases the process of brute-forcing valid credentials. \n\n\n3) Outdated Software with Known Vulnerabilities\nThe PLC is using multiple outdated software components with known exploits. \n\n\n4) Insufficient Hardening of Binaries\nMultiple binaries are not compiled with available security features. This will\nease further attacks once a memory corruption vulnerability has been spotted. \n\n\nProof of concept:\n-----------------\n1) Denial of Service (Codesys) (CVE-2021-34593)\nCodesys packet headers are structured like below (pseudo code):\n\nstruct codesys_header {\n\t\tuint16_t magic,\n\t\tint32_t packet_size\n}\n\nThe magic bytes will be 0xbbbb. By defining a packet size of 0xffffffff, a size\nof 4 GB is defined. The following pseudo code will be used to handle the\nrequest:\n\nallocated_mem = (byte*)SysAllocDataMemory(coedesys_header.packet_size);\nbuffer_info-\u003erecv_buf_wout_header = allocated_mem;\nif (allocated_mem == (byte *)0x0) {\n return;\n}\n\nAs 4GB of memory aren\u0027t available, malloc will return a NULL pointer, which is\npassed back through the SysAllocDataMemory() function and the return statement\nin the pseudo code will be hit. Thus, the TCPServerTask() function will return. \nThe file descriptor for the client is not cleared in advance. Therefore, the\nsocket stays open indefinitely. A new client will open the next file\ndescriptor. As only 19 clients are allowed to be connected simultaneously, it\nis sufficient to send 19 requests with a wrong packet length to force the PLC\ninto a state where it will refuse further connections to the Codesys service. \n\nThe current implementation is missing the call to SysSockClose() once a buffer\nallocation fails. \n\n\n2) Enumeration of Users\nA time-based side channel vulnerability in the webserver\u0027s authentication\nmethod is leaking information about valid usernames. The following code snippet is\nused in the login method:\n\n// get password file and iterate over every line\n$pwFileArray = file($passwordFilename);\nforeach($pwFileArray as $lineNo =\u003e $pwFileLine)\n{\n // extract username and user password\n $passwordFileData = explode(\u0027:\u0027, trim($pwFileLine));\n // if username was found in line, verify given password with user password\n if(isset($passwordFileData[0]) \u0026\u0026 ($passwordFileData[0] === $username))\n {\n $pwCorrect = password_verify($password, $passwordFileData[1]);\n break;\n }\n}\n\nThe password hash is only calculated if the username is found to be valid. As\nthe PLC has limited computational power, this results in different timings for\nthe response depending on the validity of the username. The following script\ncan be used to find valid users. The parameter \u0027delay_valid\u0027 might need to be\nadjusted to the network speed:\n\n----------------------------\n#!/usr/sbin/python\nimport requests\nimport sys\nimport urllib3\nurllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)\n\ndelay_valid = 0.2\n\nf = open(sys.argv[1],\"r\");\n\nfor user in f.readlines():\n payload = {\"username\":user.replace(\u0027\\n\u0027,\u0027\u0027),\"password\":\"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"}\n cnt = 0\n for i in range(5):\n try:\n r = requests.post(\"https://\u003cyour_PLC_IP\u003e/wbm/php/authentication/login.php\", json=payload, timeout=delay_valid, verify=False)\n except:\n cnt = cnt +1\n if cnt \u003e=3:\n print(\"[*]Valid User: {}\".format(user))\n-----------------------------\n\n\n3) Outdated Software with Known Vulnerabilities\nFollowing outdated and vulnerable components were identified by using the IoT Inspector\nfirmware analysis tool:\n\n- Dsnmasq 2.80: 9 CVEs\n- Bash 4.4.23: 1 CVE\n- GNU glibc 2.30: 12 CVEs\n- Linux Kernel 4.9.146: 663 CVEs\n- OpenSSL 1.0.1: 103 CVEs\n- BusyBox 1.30.1: 2 CVEs\n- Curl 7.72.0: 1 CVE\n- OpenSSH 7.9p1: 4 CVEs\n- PHP 7.3.15: 11 CVEs\n- Wpa_supplicant 2.6: 20 CVEs\n- NET-SNMP 5.8: 1 CVE\n- Libpcap 1.8.1: 5 CVEs\n- Info-ZIP 3.0: 13 CVEs\n\n\n4) Insufficient Hardening of Binaries\nThe following features were extracted with the IoT Inspector:\n- 1.9% of all executables support full RELRO\n- 84.6% support partial RELRO\n- Only 3.6% of all executables make use of stack canaries\n- 58.9% are using ASLR/PIE\n\nThe plclinux_rt binary is an example of a particularly vulnerable binary. It\naccepts user input on port 2455 and is missing all compile-time security\nfeatures. Thus, it\u0027s a perfect candidate to successfully exploit any identified\nbuffer overflow. \n\n\nVulnerable / tested versions:\n-----------------------------\nThe following versions have been tested and found to be vulnerable:\n* WAGO 750-8xxx Firmware 18 (v03.06.11)\n* WAGO 750-8xxx Firmware 15 (v03.03.10)\n\n\nVendor contact timeline:\n------------------------\n2021-05-25: Contacting vendor through support.at@wago.com, asking for\n security contact information. Support informed about their\n PSIRT team. Set preliminary release date to 2021-07-14. \n2021-05-26: Contacting PSIRT through psirt@wago.com for encryption options. \n2021-05-27: Received PGP key from PSIRT, transmitted encrypted advisory\n to psirt@wago.com. \n2021-05-31: Wago PSIRT notifies about decryption problems. \n2021-06-02: Wago PSIRT redirects to VDE CERT for encrypted transmission. \n Transmitted encrypted advisory to info@cert.vde.com. Set release\n date to 2021-07-22. Wago PSIRT resolves decryption problems. \n2021-06-07: Received confirmation from VDE CERT. \n2021-08-11: On request, Wago PSIRT informs about the investigation results\n and mentions that the DoS was already reported and is fixed with\n firmware 18 patch 3. \n2021-08-18: A check on the most recent public firmware release\n v18 (v03.06.19) shows that the vulnerability still exists. Wago\n PSIRT is notified. \n2021-09-01: Wago PSIRT confirms and ensures the issue is investigated. \n2021-09-29: Request status from Wago PSIRT. Set new release date to 2021-11-16. \n2021-09-30: Wago PSIRT states that CODESYS provided a fix which is currently\n tested and to wait for a coordinated release with CODESYS. \n2021-10-15: CODESYS informs about the assigned CVE-2021-34593 and the planned\n publishing date. \n2021-10-18: Requesting information from Wago on an updated firmware version. \n2021-10-19: Wago PSIRT states that they just received the new CODESYS sources\n and it will take some more weeks to create a new firmware release. \n2021-10-28: CODESYS vulnerability CVE-2021-34593 is released in a coordinated\n manner together with CODESYS group without exploit details. \n2021-11-30: Request status from Wago PSIRT on new firmware release. \n2022-01-17: Request status from Wago PSIRT on new firmware release again. \n2022-01-18: Wago PSIRT informs that firmware 20 Patch 1 released on January 10,\n 2022 fixes the remaining issue. The firmware was not yet published\n on their website. \n2022-01-26: Release of security advisory. \n\n\nSolution:\n---------\nImmediately update the PLCs to the fixed firmware version provided by the\nvendor to mitigate CVE-2021-34593. \n\nThe fixed firmware release 20 patch 1 can be obtained from\nhttps://www.wago.com/de/d/6599873\n\nRegarding vulnerability 2)\nAs stated by Wago, there are only two possible default usernames. Therefore,\nthe username enumeration may not gain additional information and this will\nnot be changed. \n\nAdditionally, due to varying release cycles, there is a delay\nin updating components (affecting the other identified vulnerabilities). It is\nplanned to change to a new distribution release with firmware 20. \n\n\nWorkaround:\n-----------\nNone\n\n\nAdvisory URL:\n-------------\nhttps://sec-consult.com/vulnerability-lab/\n\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nSEC Consult Vulnerability Lab\n\nSEC Consult, an Atos company\nEurope | Asia | North America\n\nAbout SEC Consult Vulnerability Lab\nThe SEC Consult Vulnerability Lab is an integrated part of SEC Consult, an\nAtos company. It ensures the continued knowledge gain of SEC Consult in the\nfield of network and application security to stay ahead of the attacker. The\nSEC Consult Vulnerability Lab supports high-quality penetration testing and\nthe evaluation of new offensive and defensive technologies for our customers. \nHence our customers obtain the most current information about vulnerabilities\nand valid recommendation about the risk profile of new technologies. \n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nInterested to work with the experts of SEC Consult?\nSend us your application https://sec-consult.com/career/\n\nInterested in improving your cyber security with the experts of SEC Consult?\nContact our local offices https://sec-consult.com/contact/\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nMail: research at sec-consult dot com\nWeb: https://www.sec-consult.com\nBlog: http://blog.sec-consult.com\nTwitter: https://twitter.com/sec_consult\n\nEOF Gerhard Hechenberger, Steffen Robertz / @2022\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34593"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"db": "PACKETSTORM",
"id": "164716"
},
{
"db": "PACKETSTORM",
"id": "165874"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34593",
"trust": 3.4
},
{
"db": "PACKETSTORM",
"id": "164716",
"trust": 2.5
},
{
"db": "PACKETSTORM",
"id": "165874",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014196",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1823",
"trust": 0.6
}
],
"sources": [
{
"db": "PACKETSTORM",
"id": "164716"
},
{
"db": "PACKETSTORM",
"id": "165874"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1823"
},
{
"db": "NVD",
"id": "CVE-2021-34593"
}
]
},
"id": "VAR-202110-1617",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4510073215384616
},
"last_update_date": "2025-08-16T23:08:29.438000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-16",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16877\u0026token=8faab0fc1e069f4edfca5d5aba8146139f67a175\u0026download="
},
{
"title": "CODESYS Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167875"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1823"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-755",
"trust": 1.0
},
{
"problemtype": "Improper handling in exceptional conditions (CWE-755) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"db": "NVD",
"id": "CVE-2021-34593"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://packetstormsecurity.com/files/164716/codesys-2.4.7.0-denial-of-service.html"
},
{
"trust": 3.0,
"url": "http://packetstormsecurity.com/files/165874/wago-750-8xxx-plc-denial-of-service-user-enumeration.html"
},
{
"trust": 1.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34593"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2021/oct/64"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=16877\u0026token=8faab0fc1e069f4edfca5d5aba8146139f67a175\u0026download="
},
{
"trust": 0.2,
"url": "https://sec-consult.com/contact/"
},
{
"trust": 0.2,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=16877\u0026token=8faab0fc1e069f4edfca5d5aba8146139f67a175"
},
{
"trust": 0.2,
"url": "https://www.sec-consult.com"
},
{
"trust": 0.2,
"url": "http://blog.sec-consult.com"
},
{
"trust": 0.2,
"url": "https://sec-consult.com/career/"
},
{
"trust": 0.2,
"url": "https://sec-consult.com/vulnerability-lab/"
},
{
"trust": 0.2,
"url": "https://twitter.com/sec_consult"
},
{
"trust": 0.1,
"url": "https://www.codesys.com/"
},
{
"trust": 0.1,
"url": "https://www.wago.com/de/d/6599873"
},
{
"trust": 0.1,
"url": "https://www.wago.com/us/c/controllers-bus-couplers-i-o"
},
{
"trust": 0.1,
"url": "https://sec-consult.com/vulnerability-lab/advisory/codesys-v2-denial-of-service/"
},
{
"trust": 0.1,
"url": "https://\u003cyour_plc_ip\u003e/wbm/php/authentication/login.php\","
},
{
"trust": 0.1,
"url": "https://www.wago.com/"
}
],
"sources": [
{
"db": "PACKETSTORM",
"id": "164716"
},
{
"db": "PACKETSTORM",
"id": "165874"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1823"
},
{
"db": "NVD",
"id": "CVE-2021-34593"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "PACKETSTORM",
"id": "164716"
},
{
"db": "PACKETSTORM",
"id": "165874"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1823"
},
{
"db": "NVD",
"id": "CVE-2021-34593"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-11-01T15:14:58",
"db": "PACKETSTORM",
"id": "164716"
},
{
"date": "2022-02-04T17:42:39",
"db": "PACKETSTORM",
"id": "165874"
},
{
"date": "2022-10-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"date": "2021-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1823"
},
{
"date": "2021-10-26T10:15:08.013000",
"db": "NVD",
"id": "CVE-2021-34593"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-07T07:02:00",
"db": "JVNDB",
"id": "JVNDB-2021-014196"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1823"
},
{
"date": "2025-08-15T20:25:58.247000",
"db": "NVD",
"id": "CVE-2021-34593"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1823"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0Runtime\u00a0Toolkit\u00a032\u00a0Bit\u00a0full\u00a0 and \u00a0PLCWinNT\u00a0 Vulnerability in handling exceptional conditions in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-014196"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1823"
}
],
"trust": 0.6
}
}
VAR-202105-0535
Vulnerability from variot - Updated: 2025-08-16 23:05On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime. plural WAGO Product devices contain vulnerabilities in resource allocation without restrictions or throttling.Denial of service (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0535",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-885",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-823",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-882",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-881",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-831",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-829",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-862",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-832",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-880",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-852",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"db": "NVD",
"id": "CVE-2021-21000"
}
]
},
"cve": "CVE-2021-21000",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-21000",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-21000",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "info@cert.vde.com",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-21000",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-21000",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-21000",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2021-21000",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-21000",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1455",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1455"
},
{
"db": "NVD",
"id": "CVE-2021-21000"
},
{
"db": "NVD",
"id": "CVE-2021-21000"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device could cause a denial of service for the login service of the runtime. plural WAGO Product devices contain vulnerabilities in resource allocation without restrictions or throttling.Denial of service (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21000"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"db": "VULMON",
"id": "CVE-2021-21000"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-21000",
"trust": 3.3
},
{
"db": "CERT@VDE",
"id": "VDE-2021-014",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007238",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1455",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-21000",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21000"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1455"
},
{
"db": "NVD",
"id": "CVE-2021-21000"
}
]
},
"id": "VAR-202105-0535",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T23:05:38.433000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://www.wago.com/us/"
},
{
"title": "WAGO Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=152368"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1455"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-770",
"trust": 1.0
},
{
"problemtype": "Allocation of resources without limits or throttling (CWE-770) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"db": "NVD",
"id": "CVE-2021-21000"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2021-014"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21000"
},
{
"trust": 0.8,
"url": "https://cert.vde.com/en/advisories/vde-2021-014/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21000"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1455"
},
{
"db": "NVD",
"id": "CVE-2021-21000"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-21000"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1455"
},
{
"db": "NVD",
"id": "CVE-2021-21000"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21000"
},
{
"date": "2022-02-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"date": "2021-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1455"
},
{
"date": "2021-05-24T11:15:07.917000",
"db": "NVD",
"id": "CVE-2021-21000"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21000"
},
{
"date": "2022-02-07T02:26:00",
"db": "JVNDB",
"id": "JVNDB-2021-007238"
},
{
"date": "2021-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1455"
},
{
"date": "2025-08-15T20:21:18.653000",
"db": "NVD",
"id": "CVE-2021-21000"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1455"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0WAGO\u00a0 Vulnerability in product allocation of resource allocation without limitation or throttling on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007238"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1455"
}
],
"trust": 0.6
}
}
VAR-202105-0536
Vulnerability from variot - Updated: 2025-08-16 23:05On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges. plural WAGO A past traversal vulnerability exists in the device of the product.Information may be obtained. WAGO is a 750-88x series programmable logic controller from WAGO. The device is a digital operation electronic system designed specifically for applications in an industrial environment
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0536",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-885",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-823",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-882",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-881",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-831",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-829",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-862",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-832",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-880",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-852",
"scope": null,
"trust": 0.8,
"vendor": "\u30ef\u30b4\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "750-823 \u003e=fw07",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-823"
},
{
"model": "750-829 \u003e=fw14",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-829"
},
{
"model": "750-831 \u003e=fw14",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-831"
},
{
"model": "750-832 \u003e=fw06",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-832"
},
{
"model": "750-852 \u003e=fw14",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-852"
},
{
"model": "750-862 \u003e=fw07",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-862"
},
{
"model": "750-880 \u003e=fw15",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-880"
},
{
"model": "750-881 \u003e=fw14",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-881"
},
{
"model": "750-882 \u003e=fw14",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-882"
},
{
"model": "750-885 \u003e=fw14",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-885"
},
{
"model": "750-889 \u003e=fw14",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-889"
},
{
"model": "750-890 \u003e=fw07",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-890"
},
{
"model": "750-891 \u003e=fw07",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-891"
},
{
"model": "750-893 \u003e=fw07",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-893"
},
{
"model": "750-8202 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8202"
},
{
"model": "750-8203 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8203"
},
{
"model": "750-8204 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8204"
},
{
"model": "750-8206 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8206"
},
{
"model": "750-8207 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8207"
},
{
"model": "750-8208 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8208"
},
{
"model": "750-8210 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8210"
},
{
"model": "750-8211 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8211"
},
{
"model": "750-8212 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8212"
},
{
"model": "750-8213 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8213"
},
{
"model": "750-8214 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8214"
},
{
"model": "750-8216 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8216"
},
{
"model": "750-8217 \u003e=03.06.19",
"scope": null,
"trust": 0.6,
"vendor": "wago",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wago",
"version": "750-8217"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"db": "NVD",
"id": "CVE-2021-21001"
}
]
},
"cve": "CVE-2021-21001",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-21001",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2021-40851",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-21001",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "info@cert.vde.com",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.3,
"id": "CVE-2021-21001",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-21001",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-21001",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2021-21001",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-21001",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-40851",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1457",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1457"
},
{
"db": "NVD",
"id": "CVE-2021-21001"
},
{
"db": "NVD",
"id": "CVE-2021-21001"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to the device can access the file system with higher privileges. plural WAGO A past traversal vulnerability exists in the device of the product.Information may be obtained. WAGO is a 750-88x series programmable logic controller from WAGO. The device is a digital operation electronic system designed specifically for applications in an industrial environment",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21001"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"db": "VULMON",
"id": "CVE-2021-21001"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-21001",
"trust": 3.9
},
{
"db": "CERT@VDE",
"id": "VDE-2021-014",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007239",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-40851",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1457",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-21001",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"db": "VULMON",
"id": "CVE-2021-21001"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1457"
},
{
"db": "NVD",
"id": "CVE-2021-21001"
}
]
},
"id": "VAR-202105-0536",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-40851"
}
],
"trust": 0.9866541315789473
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-40851"
}
]
},
"last_update_date": "2025-08-16T23:05:38.399000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://www.wago.com/us/"
},
{
"title": "Patch for WAGO path traversal vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/271846"
},
{
"title": "WAGO Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=152370"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1457"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"db": "NVD",
"id": "CVE-2021-21001"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2021-014"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21001"
},
{
"trust": 0.8,
"url": "https://cert.vde.com/en/advisories/vde-2021-014/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"db": "VULMON",
"id": "CVE-2021-21001"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1457"
},
{
"db": "NVD",
"id": "CVE-2021-21001"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"db": "VULMON",
"id": "CVE-2021-21001"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1457"
},
{
"db": "NVD",
"id": "CVE-2021-21001"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"date": "2021-05-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21001"
},
{
"date": "2022-02-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"date": "2021-05-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1457"
},
{
"date": "2021-05-24T11:15:07.980000",
"db": "NVD",
"id": "CVE-2021-21001"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"date": "2021-05-24T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21001"
},
{
"date": "2022-02-07T02:27:00",
"db": "JVNDB",
"id": "JVNDB-2021-007239"
},
{
"date": "2021-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1457"
},
{
"date": "2025-08-15T20:21:10.680000",
"db": "NVD",
"id": "CVE-2021-21001"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1457"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WAGO path traversal vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-40851"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1457"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1457"
}
],
"trust": 0.6
}
}
VAR-202105-0850
Vulnerability from variot - Updated: 2025-08-16 22:55CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. CODESYS V2 Web-Server There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0850",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "v2 web server",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.20"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "codesys",
"version": "1.1.9.20"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"db": "NVD",
"id": "CVE-2021-30190"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vyacheslav Moskvin, Sergey Fedonin, and Anton Dorfman of Positive Technologies reported these vulnerabilities to CODESYS.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1632"
}
],
"trust": 0.6
},
"cve": "CVE-2021-30190",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-30190",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30190",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-30190",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30190",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-30190",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1632",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-30190",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30190"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1632"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-30190"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. CODESYS V2 Web-Server There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30190"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULMON",
"id": "CVE-2021-30190"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30190",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-21-173-02",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011004",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021062306",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2215",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1632",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-30190",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30190"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1632"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-30190"
}
]
},
"id": "VAR-202105-0850",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T22:55:35.260000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-07",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
},
{
"title": "CODESYS V2 Web-Server Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155198"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/CyberTitus/Follina "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30190"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1632"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"db": "NVD",
"id": "CVE-2021-30190"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 1.7,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30190"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-173-02"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021062306"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2215"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-173-02"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/306.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/cybertitus/follina"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30190"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1632"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-30190"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-30190"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1632"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-30190"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-25T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30190"
},
{
"date": "2022-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1632"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-05-25T13:15:17.777000",
"db": "NVD",
"id": "CVE-2021-30190"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-03T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30190"
},
{
"date": "2022-07-14T03:22:00",
"db": "JVNDB",
"id": "JVNDB-2021-011004"
},
{
"date": "2022-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1632"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2025-08-15T20:27:47.350000",
"db": "NVD",
"id": "CVE-2021-30190"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1632"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0Web-Server\u00a0 Vulnerability regarding lack of authentication for critical features in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-011004"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1632"
}
],
"trust": 0.6
}
}
VAR-202105-0846
Vulnerability from variot - Updated: 2025-08-16 22:49CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0846",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "runtime toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.55"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "plcwinnt",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.55"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "codesys plcwinnt",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys runtime toolkit",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007188"
},
{
"db": "NVD",
"id": "CVE-2021-30186"
}
]
},
"cve": "CVE-2021-30186",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-30186",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30186",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-30186",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30186",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-30186",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1620",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-30186",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30186"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007188"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1620"
},
{
"db": "NVD",
"id": "CVE-2021-30186"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30186"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007188"
},
{
"db": "VULMON",
"id": "CVE-2021-30186"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30186",
"trust": 3.3
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-21-173-03",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007188",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1620",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-30186",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30186"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007188"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1620"
},
{
"db": "NVD",
"id": "CVE-2021-30186"
}
]
},
"id": "VAR-202105-0846",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37935351049999994
},
"last_update_date": "2025-08-16T22:49:40.348000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-06",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14725\u0026token=08691519ef764b252630759eff925890176ecd78\u0026download="
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/yossireuven/Publications "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30186"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007188"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007188"
},
{
"db": "NVD",
"id": "CVE-2021-30186"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 1.7,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14725\u0026token=08691519ef764b252630759eff925890176ecd78\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30186"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-173-03"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/yossireuven/publications"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30186"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007188"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1620"
},
{
"db": "NVD",
"id": "CVE-2021-30186"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-30186"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007188"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1620"
},
{
"db": "NVD",
"id": "CVE-2021-30186"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-25T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30186"
},
{
"date": "2022-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007188"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1620"
},
{
"date": "2021-05-25T13:15:17.677000",
"db": "NVD",
"id": "CVE-2021-30186"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30186"
},
{
"date": "2022-02-03T08:37:00",
"db": "JVNDB",
"id": "JVNDB-2021-007188"
},
{
"date": "2021-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1620"
},
{
"date": "2025-08-15T20:20:41.123000",
"db": "NVD",
"id": "CVE-2021-30186"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1620"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0runtime\u00a0 system \u00a0SP\u00a0 Out-of-bounds Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007188"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1620"
}
],
"trust": 0.6
}
}
VAR-202105-0851
Vulnerability from variot - Updated: 2025-08-16 22:49CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input. CODESYS V2 Web-Server Contains a classic buffer overflow vulnerability.Denial of service (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0851",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "v2 web server",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.20"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": "1.1.9.20"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007169"
},
{
"db": "NVD",
"id": "CVE-2021-30191"
}
]
},
"cve": "CVE-2021-30191",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-30191",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30191",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-30191",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30191",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-30191",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1626",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-30191",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30191"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007169"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1626"
},
{
"db": "NVD",
"id": "CVE-2021-30191"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input. CODESYS V2 Web-Server Contains a classic buffer overflow vulnerability.Denial of service (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30191"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007169"
},
{
"db": "VULMON",
"id": "CVE-2021-30191"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30191",
"trust": 3.3
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-21-173-02",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007169",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1626",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-30191",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30191"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007169"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1626"
},
{
"db": "NVD",
"id": "CVE-2021-30191"
}
]
},
"id": "VAR-202105-0851",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T22:49:25.068000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-07",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007169"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007169"
},
{
"db": "NVD",
"id": "CVE-2021-30191"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 1.7,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30191"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-173-02"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30191"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007169"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1626"
},
{
"db": "NVD",
"id": "CVE-2021-30191"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-30191"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007169"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1626"
},
{
"db": "NVD",
"id": "CVE-2021-30191"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-25T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30191"
},
{
"date": "2022-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007169"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1626"
},
{
"date": "2021-05-25T13:15:17.807000",
"db": "NVD",
"id": "CVE-2021-30191"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30191"
},
{
"date": "2022-02-03T07:52:00",
"db": "JVNDB",
"id": "JVNDB-2021-007169"
},
{
"date": "2021-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1626"
},
{
"date": "2025-08-15T20:27:36.623000",
"db": "NVD",
"id": "CVE-2021-30191"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1626"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0Web-Server\u00a0 Buffer Overflow Vulnerability in Linux",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007169"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1626"
}
],
"trust": 0.6
}
}
VAR-202105-0849
Vulnerability from variot - Updated: 2025-08-16 22:36CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow. CODESYS V2 Web-Server Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0849",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "v2 web server",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.20"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": "1.1.9.20"
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"db": "NVD",
"id": "CVE-2021-30189"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vyacheslav Moskvin, Sergey Fedonin, and Anton Dorfman of Positive Technologies reported these vulnerabilities to CODESYS.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1634"
}
],
"trust": 0.6
},
"cve": "CVE-2021-30189",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-30189",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30189",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-30189",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30189",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-30189",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1634",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1634"
},
{
"db": "NVD",
"id": "CVE-2021-30189"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow. CODESYS V2 Web-Server Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30189"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30189",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-21-173-02",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007171",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2215",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021062306",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1634",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1634"
},
{
"db": "NVD",
"id": "CVE-2021-30189"
}
]
},
"id": "VAR-202105-0849",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T22:36:37.594000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-07",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
},
{
"title": "3S-Smart Software Solutions CODESYS V2 Web-Server Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=154685"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1634"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"db": "NVD",
"id": "CVE-2021-30189"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30189"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-173-02"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021062306"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2215"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-173-02"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1634"
},
{
"db": "NVD",
"id": "CVE-2021-30189"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1634"
},
{
"db": "NVD",
"id": "CVE-2021-30189"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1634"
},
{
"date": "2021-05-25T13:15:17.743000",
"db": "NVD",
"id": "CVE-2021-30189"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T08:04:00",
"db": "JVNDB",
"id": "JVNDB-2021-007171"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1634"
},
{
"date": "2025-08-15T20:27:53.740000",
"db": "NVD",
"id": "CVE-2021-30189"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1634"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0Web-Server\u00a0 Out-of-bounds Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007171"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
VAR-202105-0854
Vulnerability from variot - Updated: 2025-08-16 22:28CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read. CODESYS V2 Web-Server Is vulnerable to an out-of-bounds read.Information is obtained and denial of service (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0854",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "v2 web server",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.20"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": "1.1.9.20"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007040"
},
{
"db": "NVD",
"id": "CVE-2021-30194"
}
]
},
"cve": "CVE-2021-30194",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-30194",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30194",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-30194",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30194",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-30194",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1625",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007040"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1625"
},
{
"db": "NVD",
"id": "CVE-2021-30194"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read. CODESYS V2 Web-Server Is vulnerable to an out-of-bounds read.Information is obtained and denial of service (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30194"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007040"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30194",
"trust": 3.2
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007040",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1625",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007040"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1625"
},
{
"db": "NVD",
"id": "CVE-2021-30194"
}
]
},
"id": "VAR-202105-0854",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T22:28:17.831000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-07",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007040"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds read (CWE-125) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007040"
},
{
"db": "NVD",
"id": "CVE-2021-30194"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30194"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007040"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1625"
},
{
"db": "NVD",
"id": "CVE-2021-30194"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007040"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1625"
},
{
"db": "NVD",
"id": "CVE-2021-30194"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007040"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1625"
},
{
"date": "2021-05-25T13:15:17.910000",
"db": "NVD",
"id": "CVE-2021-30194"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-02T02:24:00",
"db": "JVNDB",
"id": "JVNDB-2021-007040"
},
{
"date": "2021-05-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1625"
},
{
"date": "2025-08-15T20:27:01.483000",
"db": "NVD",
"id": "CVE-2021-30194"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1625"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0Web-Server\u00a0 Out-of-bounds read vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007040"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1625"
}
],
"trust": 0.6
}
}
VAR-202105-0852
Vulnerability from variot - Updated: 2025-08-16 22:21CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check. CODESYS V2 Web-Server Contains an improper authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0852",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "v2 web server",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.20"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": "1.1.9.20"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007155"
},
{
"db": "NVD",
"id": "CVE-2021-30192"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vyacheslav Moskvin, Sergey Fedonin, and Anton Dorfman of Positive Technologies reported these vulnerabilities to CODESYS.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1621"
}
],
"trust": 0.6
},
"cve": "CVE-2021-30192",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-30192",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30192",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-30192",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30192",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-30192",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1621",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007155"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1621"
},
{
"db": "NVD",
"id": "CVE-2021-30192"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check. CODESYS V2 Web-Server Contains an improper authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30192"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007155"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30192",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-21-173-02",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007155",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021062306",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2215",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1621",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007155"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1621"
},
{
"db": "NVD",
"id": "CVE-2021-30192"
}
]
},
"id": "VAR-202105-0852",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T22:21:47.324000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-07",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007155"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "Bad authentication (CWE-863) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007155"
},
{
"db": "NVD",
"id": "CVE-2021-30192"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30192"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-173-02"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021062306"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2215"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-173-02"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007155"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1621"
},
{
"db": "NVD",
"id": "CVE-2021-30192"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007155"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1621"
},
{
"db": "NVD",
"id": "CVE-2021-30192"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007155"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1621"
},
{
"date": "2021-05-25T13:15:17.837000",
"db": "NVD",
"id": "CVE-2021-30192"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T07:38:00",
"db": "JVNDB",
"id": "JVNDB-2021-007155"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2022-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1621"
},
{
"date": "2025-08-15T20:27:29.643000",
"db": "NVD",
"id": "CVE-2021-30192"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1621"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0Web-Server\u00a0 Authentication Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007155"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1621"
}
],
"trust": 1.2
}
}
VAR-202105-0853
Vulnerability from variot - Updated: 2025-08-16 21:34CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write. CODESYS V2 Web-Server Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0853",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "v2 web server",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "1.1.9.20"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys v2 web server",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": "1.1.9.20"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007130"
},
{
"db": "NVD",
"id": "CVE-2021-30193"
}
]
},
"cve": "CVE-2021-30193",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-30193",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30193",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-30193",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30193",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-30193",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1623",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007130"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1623"
},
{
"db": "NVD",
"id": "CVE-2021-30193"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write. CODESYS V2 Web-Server Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30193"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007130"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30193",
"trust": 3.2
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-21-173-02",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007130",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1623",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007130"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1623"
},
{
"db": "NVD",
"id": "CVE-2021-30193"
}
]
},
"id": "VAR-202105-0853",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2025-08-16T21:34:04.507000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-07",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007130"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007130"
},
{
"db": "NVD",
"id": "CVE-2021-30193"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14726\u0026token=553da5d11234bbe1ceed59969d419a71bb8c8747\u0026download="
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30193"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-173-02"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007130"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1623"
},
{
"db": "NVD",
"id": "CVE-2021-30193"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007130"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1623"
},
{
"db": "NVD",
"id": "CVE-2021-30193"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007130"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1623"
},
{
"date": "2021-05-25T13:15:17.880000",
"db": "NVD",
"id": "CVE-2021-30193"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T06:41:00",
"db": "JVNDB",
"id": "JVNDB-2021-007130"
},
{
"date": "2021-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1623"
},
{
"date": "2025-08-15T20:27:21.247000",
"db": "NVD",
"id": "CVE-2021-30193"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1623"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0Web-Server\u00a0 Out-of-bounds Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007130"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1623"
}
],
"trust": 0.6
}
}
VAR-202105-0847
Vulnerability from variot - Updated: 2025-08-16 21:27CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0847",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "runtime toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.55"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "codesys runtime toolkit",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": "2.4.7.55"
},
{
"model": "codesys runtime toolkit",
"scope": "eq",
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys runtime toolkit",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007202"
},
{
"db": "NVD",
"id": "CVE-2021-30187"
}
]
},
"cve": "CVE-2021-30187",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30187",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2021-30187",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-30187",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30187",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-30187",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1618",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-30187",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30187"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007202"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1618"
},
{
"db": "NVD",
"id": "CVE-2021-30187"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30187"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007202"
},
{
"db": "VULMON",
"id": "CVE-2021-30187"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30187",
"trust": 3.3
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-21-173-04",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007202",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1618",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-30187",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30187"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007202"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1618"
},
{
"db": "NVD",
"id": "CVE-2021-30187"
}
]
},
"id": "VAR-202105-0847",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37935351049999994
},
"last_update_date": "2025-08-16T21:27:40.978000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-08",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14727\u0026token=25159b0fc4355f4c6bc2e074a519a9d0cdb23fbb\u0026download="
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007202"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007202"
},
{
"db": "NVD",
"id": "CVE-2021-30187"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14727\u0026token=25159b0fc4355f4c6bc2e074a519a9d0cdb23fbb\u0026download="
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30187"
},
{
"trust": 1.1,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-173-04"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30187"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007202"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1618"
},
{
"db": "NVD",
"id": "CVE-2021-30187"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-30187"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007202"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1618"
},
{
"db": "NVD",
"id": "CVE-2021-30187"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-25T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30187"
},
{
"date": "2022-02-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007202"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1618"
},
{
"date": "2021-05-25T12:15:07.913000",
"db": "NVD",
"id": "CVE-2021-30187"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30187"
},
{
"date": "2022-02-04T01:40:00",
"db": "JVNDB",
"id": "JVNDB-2021-007202"
},
{
"date": "2021-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1618"
},
{
"date": "2025-08-15T20:28:33.270000",
"db": "NVD",
"id": "CVE-2021-30187"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1618"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0runtime\u00a0 system \u00a0SP\u00a0 In \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007202"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1618"
}
],
"trust": 0.6
}
}
VAR-202105-0848
Vulnerability from variot - Updated: 2025-08-16 21:19CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow. CODESYS V2 runtime system SP Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0848",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "v2 runtime system sp",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.55"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "codesys plcwinnt",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys runtime toolkit",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007173"
},
{
"db": "NVD",
"id": "CVE-2021-30188"
}
]
},
"cve": "CVE-2021-30188",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-30188",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30188",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-30188",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30188",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-30188",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1622",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007173"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1622"
},
{
"db": "NVD",
"id": "CVE-2021-30188"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow. CODESYS V2 runtime system SP Is vulnerable to an out-of-bounds write.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30188"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007173"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30188",
"trust": 3.2
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-21-173-03",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007173",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1622",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007173"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1622"
},
{
"db": "NVD",
"id": "CVE-2021-30188"
}
]
},
"id": "VAR-202105-0848",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37935351049999994
},
"last_update_date": "2025-08-16T21:19:05.492000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-06",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14725\u0026token=08691519ef764b252630759eff925890176ecd78\u0026download="
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007173"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007173"
},
{
"db": "NVD",
"id": "CVE-2021-30188"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14725\u0026token=08691519ef764b252630759eff925890176ecd78\u0026download="
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30188"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-173-03"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007173"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1622"
},
{
"db": "NVD",
"id": "CVE-2021-30188"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007173"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1622"
},
{
"db": "NVD",
"id": "CVE-2021-30188"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007173"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1622"
},
{
"date": "2021-05-25T13:15:17.710000",
"db": "NVD",
"id": "CVE-2021-30188"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T08:20:00",
"db": "JVNDB",
"id": "JVNDB-2021-007173"
},
{
"date": "2021-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1622"
},
{
"date": "2025-08-15T20:28:18.250000",
"db": "NVD",
"id": "CVE-2021-30188"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1622"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0runtime\u00a0 system \u00a0SP\u00a0 Out-of-bounds Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007173"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1622"
}
],
"trust": 0.6
}
}
VAR-202105-0855
Vulnerability from variot - Updated: 2025-08-16 20:15CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. CODESYS V2 runtime system Is vulnerable to an out-of-bounds read.Denial of service (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-0855",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "runtime toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.55"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "plcwinnt",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "2.4.7.55"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw16"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw15"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw08"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.19_\\(18\\)"
},
{
"model": "codesys plcwinnt",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys runtime toolkit",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007129"
},
{
"db": "NVD",
"id": "CVE-2021-30195"
}
]
},
"cve": "CVE-2021-30195",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-30195",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30195",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-30195",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30195",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-30195",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-1627",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007129"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1627"
},
{
"db": "NVD",
"id": "CVE-2021-30195"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. CODESYS V2 runtime system Is vulnerable to an out-of-bounds read.Denial of service (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30195"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007129"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30195",
"trust": 3.2
},
{
"db": "JVN",
"id": "JVNVU97061687",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-21-173-03",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007129",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1627",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007129"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1627"
},
{
"db": "NVD",
"id": "CVE-2021-30195"
}
]
},
"id": "VAR-202105-0855",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37935351049999994
},
"last_update_date": "2025-08-16T20:15:51.142000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02021-06",
"trust": 0.8,
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=14725\u0026token=08691519ef764b252630759eff925890176ecd78\u0026download="
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007129"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds read (CWE-125) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007129"
},
{
"db": "NVD",
"id": "CVE-2021-30195"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=14725\u0026token=08691519ef764b252630759eff925890176ecd78\u0026download="
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97061687/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30195"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-173-03"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007129"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1627"
},
{
"db": "NVD",
"id": "CVE-2021-30195"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007129"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-1627"
},
{
"db": "NVD",
"id": "CVE-2021-30195"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007129"
},
{
"date": "2021-05-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1627"
},
{
"date": "2021-05-25T13:15:17.940000",
"db": "NVD",
"id": "CVE-2021-30195"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-03T06:36:00",
"db": "JVNDB",
"id": "JVNDB-2021-007129"
},
{
"date": "2021-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-1627"
},
{
"date": "2025-08-15T20:26:54.410000",
"db": "NVD",
"id": "CVE-2021-30195"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1627"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS\u00a0V2\u00a0runtime\u00a0 system \u00a0 Out-of-bounds read vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007129"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-1627"
}
],
"trust": 0.6
}
}
VAR-202306-1706
Vulnerability from variot - Updated: 2024-10-02 23:15Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet. 750-331 firmware, 750-8202 firmware, 750-8202/000-011 firmware etc. WAGO The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-1706",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8217\\/625-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8203\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202\\/000-011",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8207\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-010",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/000-012",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8214",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8207\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8213\\/040-010",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8212\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-885\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-890\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-831\\/000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8203",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8215",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/040-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/625-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211\\/040-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8202\\/025-002",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8204",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8203\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-002",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-890\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-890\\/025-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8206\\/040-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/040-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/000-100",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8202\\/000-022",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211\\/040-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8207\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8211\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/000-012",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8207\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880\\/025-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8204\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-331",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/025-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8207",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8204\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-010",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-832\\/000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8202\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/040-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/000-100",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/600-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8208\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8215",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/000-022",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/600-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8212",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8213\\/040-010",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8213",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8202\\/000-011",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-890\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8210\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202/000-022",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/025-001",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/000-012",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/000-011",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-331",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8203",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/025-002",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/040-001",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/025-000",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/040-000",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017307"
},
{
"db": "NVD",
"id": "CVE-2023-1619"
}
]
},
"cve": "CVE-2023-1619",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "info@cert.vde.com",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"id": "CVE-2023-1619",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 4.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2023-017307",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "info@cert.vde.com",
"id": "CVE-2023-1619",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2023-017307",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202306-1818",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017307"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1818"
},
{
"db": "NVD",
"id": "CVE-2023-1619"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a malformed packet. 750-331 firmware, 750-8202 firmware, 750-8202/000-011 firmware etc. WAGO The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-1619"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017307"
},
{
"db": "VULMON",
"id": "CVE-2023-1619"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-1619",
"trust": 3.3
},
{
"db": "CERT@VDE",
"id": "VDE-2023-006",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017307",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1818",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-1619",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-1619"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017307"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1818"
},
{
"db": "NVD",
"id": "CVE-2023-1619"
}
]
},
"id": "VAR-202306-1706",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2024-10-02T23:15:32.440000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WAGO Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=242927"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-1818"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1288",
"trust": 1.0
},
{
"problemtype": "Inappropriate input confirmation (CWE-20) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017307"
},
{
"db": "NVD",
"id": "CVE-2023-1619"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://cert.vde.com/en/advisories/vde-2023-006/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1619"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-1619/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-1619"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017307"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1818"
},
{
"db": "NVD",
"id": "CVE-2023-1619"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-1619"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017307"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1818"
},
{
"db": "NVD",
"id": "CVE-2023-1619"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-26T00:00:00",
"db": "VULMON",
"id": "CVE-2023-1619"
},
{
"date": "2024-01-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-017307"
},
{
"date": "2023-06-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-1818"
},
{
"date": "2023-06-26T07:15:09.090000",
"db": "NVD",
"id": "CVE-2023-1619"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-26T00:00:00",
"db": "VULMON",
"id": "CVE-2023-1619"
},
{
"date": "2024-01-05T08:17:00",
"db": "JVNDB",
"id": "JVNDB-2023-017307"
},
{
"date": "2023-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-1818"
},
{
"date": "2024-10-02T06:15:05.420000",
"db": "NVD",
"id": "CVE-2023-1619"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-1818"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0WAGO\u00a0 Product input verification vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017307"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-1818"
}
],
"trust": 0.6
}
}
VAR-202306-1705
Vulnerability from variot - Updated: 2024-10-02 23:15Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime. 750-331 firmware, 750-8202 firmware, 750-8202/000-011 firmware etc. WAGO The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-1705",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "750-8217\\/625-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-881",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8203\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-832",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-885",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-852",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202\\/000-011",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8203",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8207\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-010",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-831",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8202\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/000-012",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8214",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8207\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8213\\/040-010",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8213",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-890",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8212\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-885\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-890\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-831\\/000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8203",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8215",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/040-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/625-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211\\/040-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-893",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8202\\/025-002",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8204",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8203\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-002",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-890\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-829",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-890\\/025-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8206\\/040-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/040-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/000-100",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-862",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8202\\/000-022",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8211\\/040-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8207\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-889",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8211\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/000-012",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8214",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8207\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880\\/025-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8207",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8204\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-331",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8217",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/025-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8207",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8204",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-882",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8204\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/040-010",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-832\\/000-002",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8202\\/040-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8210\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/040-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/025-001",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8208",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/000-100",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/600-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8206\\/025-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8212\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8208\\/025-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8216\\/025-001",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-880\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw17"
},
{
"model": "750-8215",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202\\/000-022",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8217\\/600-000",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-891",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8212",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8213\\/040-010",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8213",
"scope": "eq",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-823",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8202\\/000-011",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-890\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw11"
},
{
"model": "750-8210\\/040-000",
"scope": "lt",
"trust": 1.0,
"vendor": "wago",
"version": "fw22"
},
{
"model": "750-8202/000-022",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/025-001",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/000-012",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/000-011",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-331",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8203",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/025-002",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/040-001",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/025-000",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
},
{
"model": "750-8202/040-000",
"scope": null,
"trust": 0.8,
"vendor": "wago",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017306"
},
{
"db": "NVD",
"id": "CVE-2023-1620"
}
]
},
"cve": "CVE-2023-1620",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"id": "CVE-2023-1620",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 4.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2023-1620",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-1620",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2023-1620",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-1620",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202306-1816",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017306"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1816"
},
{
"db": "NVD",
"id": "CVE-2023-1620"
},
{
"db": "NVD",
"id": "CVE-2023-1620"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime. 750-331 firmware, 750-8202 firmware, 750-8202/000-011 firmware etc. WAGO The product contains an input validation vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-1620"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017306"
},
{
"db": "VULMON",
"id": "CVE-2023-1620"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-1620",
"trust": 3.3
},
{
"db": "CERT@VDE",
"id": "VDE-2023-006",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017306",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1816",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-1620",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-1620"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017306"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1816"
},
{
"db": "NVD",
"id": "CVE-2023-1620"
}
]
},
"id": "VAR-202306-1705",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.38665413157894735
},
"last_update_date": "2024-10-02T23:15:32.410000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WAGO Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=242925"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-1816"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1288",
"trust": 1.0
},
{
"problemtype": "Inappropriate input confirmation (CWE-20) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017306"
},
{
"db": "NVD",
"id": "CVE-2023-1620"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://cert.vde.com/en/advisories/vde-2023-006/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1620"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-1620/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-1620"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017306"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1816"
},
{
"db": "NVD",
"id": "CVE-2023-1620"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-1620"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017306"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-1816"
},
{
"db": "NVD",
"id": "CVE-2023-1620"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-26T00:00:00",
"db": "VULMON",
"id": "CVE-2023-1620"
},
{
"date": "2024-01-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-017306"
},
{
"date": "2023-06-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-1816"
},
{
"date": "2023-06-26T07:15:09.197000",
"db": "NVD",
"id": "CVE-2023-1620"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-26T00:00:00",
"db": "VULMON",
"id": "CVE-2023-1620"
},
{
"date": "2024-01-05T08:17:00",
"db": "JVNDB",
"id": "JVNDB-2023-017306"
},
{
"date": "2023-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-1816"
},
{
"date": "2024-10-02T06:15:06.393000",
"db": "NVD",
"id": "CVE-2023-1620"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-1816"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0WAGO\u00a0 Product input verification vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017306"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-1816"
}
],
"trust": 0.6
}
}
VAR-202210-0985
Vulnerability from variot - Updated: 2024-08-14 14:43WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202210-0985",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "762-4302\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4201\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8206\\/040-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8206\\/025-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4104",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8215",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8207",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-4203\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-5304\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8101",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-6203\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-5306\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-5204\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8100",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8208\\/025-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8211",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8212\\/025-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8212\\/040-010",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8212\\/000-100",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-5204\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8208\\/025-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8100",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4102",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8217\\/600-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.04.10\\(16\\)"
},
{
"model": "750-8206\\/025-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8202\\/040-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "752-8303\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.06.09\\(18\\)"
},
{
"model": "750-8212\\/025-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4102",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8213",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-4303\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8212\\/040-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8212\\/040-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8216\\/040-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8101\\/000-010",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8202\\/000-012",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8210\\/025-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8213\\/040-010",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-4103",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8101\\/025-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4204\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4101",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8101\\/025-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-6202\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8207\\/025-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8215",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-5205\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8211\\/040-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8214",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8206",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-4302\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-6304\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4206\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8216\\/025-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8101",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-6201\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8217\\/025-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-5303\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-5306\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8212\\/040-010",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8216",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8212\\/000-100",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-5303\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8217\\/625-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8102",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "751-9301",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.07.17\\(19\\)"
},
{
"model": "750-8216\\/025-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8217\\/025-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.04.10\\(16\\)"
},
{
"model": "750-8210",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8213",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8212\\/040-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-5305\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8212",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8206\\/040-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-5203\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-5206\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-6302\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8102\\/025-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8211",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-5203\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4204\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-6203\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8213\\/040-010",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4304\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8212\\/025-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8202\\/000-011",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8207",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8206\\/040-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8214",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8217",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.04.10\\(16\\)"
},
{
"model": "750-8206",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4101",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-4206\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-6301\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8202\\/000-022",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8217\\/600-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8212\\/025-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-4304\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8210\\/040-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8207\\/025-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8202\\/000-022",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4205\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-6304\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8202\\/040-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8216\\/025-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "751-9301",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.09.08\\(21\\)"
},
{
"model": "750-8212\\/025-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-4303\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8217\\/625-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.04.10\\(16\\)"
},
{
"model": "750-8216\\/025-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8202\\/000-012",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8208",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8211\\/040-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8102",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8216\\/040-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-5305\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-4203\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8208\\/025-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8208",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-5206\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-6303\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4103",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-4104",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4201\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-5304\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-6303\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8212\\/025-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-6302\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8210\\/040-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-6201\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-6301\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "752-8303\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8216",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8206\\/025-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-4202\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8101\\/000-010",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8210",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-6204\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8207\\/025-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-4202\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4205\\/8000-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "762-4301\\/8000-002",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8212\\/040-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-6202\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8212",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8202\\/000-011",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8206\\/040-001",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-6204\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8207\\/025-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "750-8210\\/025-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8102\\/025-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8206\\/025-000",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "762-5205\\/8000-001",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
},
{
"model": "762-4301\\/8000-002",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.09\\(22\\)"
},
{
"model": "750-8217",
"scope": "lte",
"trust": 1.0,
"vendor": "wago",
"version": "03.10.08\\(22\\)"
},
{
"model": "750-8208\\/025-000",
"scope": "gte",
"trust": 1.0,
"vendor": "wago",
"version": "03.01.07\\(13\\)"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-3281"
}
]
},
"cve": "CVE-2022-3281",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "info@cert.vde.com",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-3281",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "info@cert.vde.com",
"id": "CVE-2022-3281",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-3281",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202210-1059",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1059"
},
{
"db": "NVD",
"id": "CVE-2022-3281"
},
{
"db": "NVD",
"id": "CVE-2022-3281"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter.",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-3281"
}
],
"trust": 1.0
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-3281",
"trust": 1.6
},
{
"db": "CERT@VDE",
"id": "VDE-2022-042",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-202210-1059",
"trust": 0.6
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1059"
},
{
"db": "NVD",
"id": "CVE-2022-3281"
}
]
},
"id": "VAR-202210-0985",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47380952
},
"last_update_date": "2024-08-14T14:43:40.772000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple WAGO Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=211650"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1059"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-440",
"trust": 1.0
},
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-3281"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://cert.vde.com/en/advisories/vde-2022-042/"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-3281/"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1059"
},
{
"db": "NVD",
"id": "CVE-2022-3281"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1059"
},
{
"db": "NVD",
"id": "CVE-2022-3281"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-1059"
},
{
"date": "2022-10-17T09:15:12.387000",
"db": "NVD",
"id": "CVE-2022-3281"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202210-1059"
},
{
"date": "2022-11-04T19:14:00.620000",
"db": "NVD",
"id": "CVE-2022-3281"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1059"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple WAGO Product security vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1059"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202210-1059"
}
],
"trust": 0.6
}
}