3S Smart Software Solutions CoDeSys Gateway Server Directory Traversal

Added: 05/06/2013
CVE: CVE-2012-4705
BID: 59446
OSVDB: 90368

Background

Smart Software Solutions GmbH (3S) manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface (SCADA/HMI) product. The Gateway Server listens on TCP port 1211.

Problem

3S CoDeSys Gateway Server before 2.3.9.27 is vulnerable to directory traversal. This vulnerability allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.

Resolution

A patch is available from the vendor.

References

http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
http://secunia.com/advisories/52253/

Limitations

This exploit has been tested against Smart Software Solutions CoDeSys 2.3.9.31 on Windows Server 2003 SP2 English with DEP OptOut.

Platforms

Windows

Back to exploit index