CVE-2021-30187

CWE-78OS Command Injection3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.1%
top 69.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
28
Codesys Runtime ToolkitWago 750-8202 FirmwareWago 750-8203 Firmware+25 more
Timeline
PublishedMay 25
Latest updateMay 24

Description

CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages28 packages

NVDcodesys/runtime_toolkit< 2.4.7.55

🔴Vulnerability Details

2
GHSA
GHSA-mrvh-5hf5-fwp3: CODESYS V2 runtime system SP before 22022-05-24
CVEList
CVE-2021-30187: CODESYS V2 runtime system SP before 22021-05-25