VDB
CVE-2021-34585
CVE-2021-34585
PUBLISHED
CVSS 7.5 HIGH
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.
EPSS 0.47% · 64.9th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.47%
64.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| wago | 750-829_firmware | 0 |
| wago | 750-8216_firmware | 0 |
| wago | 750-890_firmware | 0 |
| wago | 750-8217_firmware | 0 |
| wago | 750-8204_firmware | 0 |
| wago | 750-893_firmware | 0 |
| wago | 750-852_firmware | 0 |
| wago | 750-8208_firmware | 0 |
| wago | 750-862_firmware | 0 |
| wago | 750-831_firmware | 0 |
| wago | 750-8203_firmware | 0 |
| wago | 750-8213_firmware | 0 |
| wago | 750-8202_firmware | 0 |
| wago | 750-8206_firmware | 0 |
| wago | 750-8212_firmware | 0 |
| wago | 750-885_firmware | 0 |
| CODESYS | CODESYS V2 | * |
| wago | 750-880_firmware | 0 |
| wago | 750-881_firmware | 0 |
| wago | 750-8214_firmware | 0 |
…and 9 more
Exploit Intelligence
Timeline
- Oct 26, 2021 CVE Published
- Oct 27, 2021 EPSS Score
- Dec 22, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 13, 2022 EPSS Score
- Jun 8, 2022 EPSS Score
- Aug 4, 2022 EPSS Score
- Sep 29, 2022 EPSS Score
- Nov 24, 2022 EPSS Score
- Jan 19, 2023 EPSS Score