CVE-2021-34585

Name of the Vulnerable Software and Affected Versions: CODESYS V2 web server versions prior to V1.1.9.22

Description: The issue arises when crafted web server requests trigger a parser error in the CODESYS V2 web server. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur, leading to a denial of service situation.

Recommendations: For versions prior to V1.1.9.22, update to version V1.1.9.22 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.