First published: Tue Aug 03 2021(Updated: )
In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Codesys Control | <4.2.0.0 | |
Codesys Control | <4.2.0.0 | |
Codesys Control | <4.2.0.0 | |
Codesys Control | <=4.2.0.0 | |
Codesys Control | <4.2.0.0 | |
Codesys Control | <4.2.0.0 | |
Codesys Control | <4.2.0.0 | |
Codesys Control | <4.2.0.0 | |
Codesys Control | <4.2.0.0 | |
Codesys Control Rte | <3.5.17.10 | |
Codesys Control Rte | <3.5.17.10 | |
Codesys Control Runtime System Toolkit | <3.5.17.10 | |
Codesys Control Win Sl | <3.5.17.10 | |
Codesys Embedded Target Visu Toolkit | <3.5.17.10 | |
Codesys Hmi | <3.5.17.10 | |
Codesys Remote Target Visu Toolkit | <3.5.17.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-36763 is a vulnerability in CODESYS V3 web server that allows External Parties to access files or directories.
The severity of CVE-2021-36763 is high, with a severity value of 7.5.
The CVE-2021-36763 vulnerability affects CODESYS Control, CODESYS Control Rte, CODESYS Control Runtime System Toolkit, CODESYS Control Win Sl, Codesys Embedded Target Visu Toolkit, Codesys Hmi, and Codesys Remote Target Visu Toolkit.
External Parties can access files or directories in CODESYS V3 web server due to the vulnerability in versions before 3.5.17.10.
To fix CVE-2021-36763, update CODESYS V3 web server to version 3.5.17.10 or later.