OpenPLC Webserver v3 Hardware Layer Code Box /hardware command injection

EntryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in OpenPLC Webserver v3 (Web Server). Affected is some unknown processing of the file /hardware of the component Hardware Layer Code Box. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1149994808/07/2021VulD...cve_nvd_summaryCommand Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application.cve.mitre.org08/07/2021accepted
70
1149994708/07/2021VulD...cve_assigned1619128800cve.mitre.org08/07/2021accepted
70
1148980808/04/2021VulD...videolinkhttps://www.youtube.com/watch?v=l08DHB08Gow08/04/2021accepted
100
1148980708/04/2021VulD...price_0day$0-$5ksee exploit price documentation08/04/2021accepted
90
1148980608/04/2021VulD...cvss3_meta_tempscore6.1see CVSS documentation08/04/2021accepted
90
1148980508/04/2021VulD...cvss3_meta_basescore6.3see CVSS documentation08/04/2021accepted
90
1148980408/04/2021VulD...cvss3_vuldb_tempscore6.1see CVSS documentation08/04/2021accepted
90
1148980308/04/2021VulD...cvss3_vuldb_basescore6.3see CVSS documentation08/04/2021accepted
90
1148980208/04/2021VulD...cvss2_vuldb_tempscore6.2see CVSS documentation08/04/2021accepted
90
1148980108/04/2021VulD...cvss2_vuldb_basescore6.5see CVSS documentation08/04/2021accepted
90
1148980008/04/2021VulD...cvss3_vuldb_rlXderived from historical data08/04/2021accepted
80
1148979908/04/2021VulD...cvss3_vuldb_eXderived from historical data08/04/2021accepted
80
1148979808/04/2021VulD...cvss3_vuldb_prLderived from historical data08/04/2021accepted
80
1148979708/04/2021VulD...cvss2_vuldb_rlNDderived from historical data08/04/2021accepted
80
1148979608/04/2021VulD...cvss2_vuldb_eNDderived from historical data08/04/2021accepted
80
1148979508/04/2021VulD...cvss2_vuldb_auSderived from historical data08/04/2021accepted
80
1148979408/04/2021VulD...cvss2_vuldb_rcURderived from vuldb v3 vector08/04/2021accepted
80
1148979308/04/2021VulD...cvss2_vuldb_aiPderived from vuldb v3 vector08/04/2021accepted
80
1148979208/04/2021VulD...cvss2_vuldb_iiPderived from vuldb v3 vector08/04/2021accepted
80
1148979108/04/2021VulD...cvss2_vuldb_ciPderived from vuldb v3 vector08/04/2021accepted
80

Might our Artificial Intelligence support you?

Check our Alexa App!