CVE-2023-37551

MEDIUM Year: 2023
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-552
View all →

Vulnerability Description

In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.

Related Vulnerabilities

CVE-2016-10829

MEDIUM
CVSS:6.5(Medium)

cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form processing error (SEC-99).

CWE-5522016

CVE-2017-1308

MEDIUM
CVSS:6.5(Medium)

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 could allow an authenticated attacker to download files they should not have access to due to improper access controls. IBM X-Force I...

CWE-5522017

CVE-2017-6922

MEDIUM
CVSS:6.5(Medium)

In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visib...

CWE-5522017

CVE-2018-1079

MEDIUM
CVSS:6.5(Medium)

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from...

CWE-5522018

CVE-2019-13140

MEDIUM
CVSS:6.5(Medium)

Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to dec...

CWE-5522019

CVE-2019-17130

MEDIUM
CVSS:6.5(Medium)

vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories.

CWE-5522019