CVE-2021-30187: OS Command Injection
First published: Tue May 25 2021(Updated: )
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Codesys Runtime Toolkit | <2.4.7.55 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this CODESYS vulnerability?
The vulnerability ID for this CODESYS vulnerability is CVE-2021-30187.
What is the title of this CODESYS vulnerability?
The title of this CODESYS vulnerability is 'CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.'
What is the severity level of CVE-2021-30187?
The severity level of CVE-2021-30187 is medium with a CVSS score of 5.3.
What software versions are affected by this vulnerability?
The CODESYS V2 runtime system versions before 2.4.7.55 are affected by this vulnerability.
How can I fix this vulnerability?
To fix this vulnerability, it is recommended to update to CODESYS V2 runtime system version 2.4.7.55 or above.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/codesys
- canonical/codesys runtime toolkit