CODESYS ENI Server < 184.108.40.206 Stack Overflow (credentialed check)
High Nessus Plugin ID 131736
SynopsisA SCADA application on the remote host is affected by a remote code execution vulnerability.
DescriptionA stack-based buffer overflow condition exists in CODESYS ENI server due to improper validation of user-supplied data. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to cause a denial of service condition or the execution of arbitrary code.
SolutionUpgrade CODESYS ENI server to version 220.127.116.11 or higher.