CVE-2011-5007

Name of the Vulnerable Software and Affected Versions 3S CoDeSys version 3.4 SP4 Patch 2 and earlier

Description The issue is a stack-based buffer overflow in the CmpWebServer component. This allows remote attackers to execute arbitrary code via a long URI to TCP port 8080. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations For 3S CoDeSys version 3.4 SP4 Patch 2 and earlier, consider disabling access to TCP port 8080 as a temporary workaround until a patch is available. Restrict access to the CmpWebServer component to minimize the risk of exploitation. Avoid using long URIs to the affected TCP port until the issue is resolved.