VDE-2023-007
Mai 22, 2025, 3:03 nachm.
The 'legal information' plugin of web-based-management contained a vulnerability which allowed execution of arbitrary commands with privileges of www user. UPDATE A 15.06.2023 : Removed PFC100 with FW23 as affected …
VDE-2022-007
Mai 22, 2025, 3:03 nachm.
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This …
VDE-2021-014
Mai 22, 2025, 3:03 nachm.
Multiple vulnerabilities were reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLC's.
VDE-2020-009
Mai 22, 2025, 3:03 nachm.
The firmware update package (WUP) is not signed entirely. The used password offers no additional security, it is just meant to protect from unintentional modifications of the WUP file. Thus …
VDE-2019-018
Mai 22, 2025, 3:03 nachm.
Multiple issues have been found. Please check the CVEs for details.
VDE-2023-016
Mai 22, 2025, 3:03 nachm.
Several vulnerabilities have been discovered in the LibGit2Sharp or underlying LibGit2 library.This open-source component is widely used in a lot of products worldwide.The product is vulnerable to remote code execution, …
VDE-2024-050
Mai 22, 2025, 3:03 nachm.
By default, TwinCAT/BSD-based products have a device-specific web interface for web-based management (WBM) enabled, developed by Beckhoff and known as Beckhoff Device Manager UI. It can be accessed remotely or …
VDE-2020-005
Mai 22, 2025, 3:03 nachm.
The coupler's function could be inhibited by an attack.