The host is installed with 3S CoDeSys 3.0 before 3.5 or before 2.3.9.32 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted Content-Length in an HTTP POST or an invalid HTTP request method. Successful exploitation allows remote attackers to cause a NULL pointer dereference.