Vulnerability Description
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wago | 750-893 Firmware | < fw08 |
| Wago | 750-893 | - |
| Wago | 750-891 Firmware | < fw08 |
| Wago | 750-891 | - |
| Wago | 750-890 Firmware | < fw08 |
| Wago | 750-890 | - |
| Wago | 750-889 Firmware | < fw15 |
| Wago | 750-889 | - |
| Wago | 750-885 Firmware | < fw15 |
| Wago | 750-885 | - |
| Wago | 750-882 Firmware | < fw15 |
| Wago | 750-882 | - |
| Wago | 750-881 Firmware | < fw15 |
| Wago | 750-881 | - |
| Wago | 750-880 Firmware | < fw16 |
| Wago | 750-880 | - |
| Wago | 750-862 Firmware | < fw08 |
| Wago | 750-862 | - |
| Wago | 750-852 Firmware | < fw15 |
| Wago | 750-852 | - |
Related Weaknesses (CWE)
References
- https://customers.codesys.com/index.phpPermissions RequiredVendor Advisory
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14727&token=25159b0fcVendor Advisory
- https://customers.codesys.com/index.phpPermissions RequiredVendor Advisory
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14727&token=25159b0fcVendor Advisory
FAQ
What is CVE-2021-30187?
CVE-2021-30187 is a vulnerability with a CVSS score of 5.3 (MEDIUM). CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.
How severe is CVE-2021-30187?
CVE-2021-30187 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-30187?
Check the references section above for vendor advisories and patch information. Affected products include: Wago 750-893 Firmware, Wago 750-893, Wago 750-891 Firmware, Wago 750-891, Wago 750-890 Firmware.