AutomationDirect CLICK PLUS 安全漏洞

AutomationDirect CLICK PLUS is a small programmable logic controller from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect CLICK PLUS version 3.60 that originates from improper resource shutdown or release and could lead to a denial of service attack...

AutomationDirect CLICK PLUS 安全漏洞

AutomationDirect CLICK PLUS is a small programmable logic controller from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect CLICK PLUS version 3.60 that originates from improper resource shutdown or release and could lead to a denial of service attack...

CVE-2025-36535 AutomationDirect MB-Gateway Missing Authentication for Critical Function

The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the environment and exposed functionality...

CVE-2025-36535 AutomationDirect MB-Gateway Missing Authentication for Critical Function

The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the environment and exposed functionality...

AutomationDirect MB-Gateway 访问控制错误漏洞

AutomationDirect MB-Gateway is a single-port Modbus gateway module from AutomationDirect, Inc. that converts Modbus TCP to Modbus RTU. An access control error vulnerability exists in the AutomationDirect MB-Gateway that stems from a lack of authentication and access control on the embedded web...

PT-2025-22415 · Automationdirect · Mb-Gateway

Name of the Vulnerable Software and Affected Versions: AutomationDirect MB-Gateway affected versions not specified Description: The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, ...

CVE-2022-2485

Any attempt good or bad to log into AutomationDirect Stride Field I/O with a web browser may result in the device responding with its password in the communication packets...

CVE-2024-21785

A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this vulnerability...

CVE-2024-23315

A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory Read functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can send an unauthenticated packet to trigger th...

CVE-2024-23601

A code injection vulnerability exists in the scanlib.bin functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted scanlib.bin can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2024-24962

A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this...

CVE-2024-24957

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

CVE-2024-24959

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

CVE-2024-24955

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

CVE-2024-24946

A heap-based buffer overflow vulnerability exists in the Programming Software Connection CurrDir functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger these vulnerability.This...

CVE-2024-24851

A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability...

CVE-2024-24963

A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this...

CVE-2024-22187

A write-what-where vulnerability exists in the Programming Software Connection Remote Memory Diagnostics functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to an arbitrary write. An attacker can send an unauthenticated packet to trigger this...

CVE-2025-0960

AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which could result in an attacker abusing the function to cause a denial-of-service condition or achieving remote code execution on the affected device...

CVE-2025-0960 AutomationDirect C-more EA9 HMI Classic Buffer Overflow

AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which could result in an attacker abusing the function to cause a denial-of-service condition or achieving remote code execution on the affected device...