CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

RedhatCVE•added 2025/12/03 2:2 p.m.•2 views

CVE-2025-11785

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

9.8CVSS7.3AI score0.00057EPSS

Exploits0References1

RedhatCVE•added 2025/12/03 2:2 p.m.•2 views

CVE-2025-11779

Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...

9.8CVSS7.3AI score0.01242EPSS

Exploits0References1

RedhatCVE•added 2025/12/03 2:2 p.m.•1 views

CVE-2025-11786

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf' without any sanitisation or validation, and then executed using 'system'. This allows a...

9.8CVSS7.7AI score0.00057EPSS

Exploits0References1

EUVD•added 2025/12/02 3:30 p.m.•2 views

EUVD-2025-200228

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

8.5CVSS6.7AI score0.00061EPSS

Exploits0References2

EUVD•added 2025/12/02 3:30 p.m.•2 views

EUVD-2025-200233

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is found in the 'AddEvent' function when copying the user-controlled username input to a fixed-size buffer 48 bytes without boundary checking. This can lead to memory corruption, resulting in...

8.5CVSS7.8AI score0.002EPSS

Exploits0References2

EUVD•added 2025/12/02 3:30 p.m.•2 views

EUVD-2025-200237

9.4CVSS6.8AI score0.01242EPSS

Exploits0References2

NVD•added 2025/12/02 1:15 p.m.•3 views

CVE-2025-11787

Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS', 'CheckPing' and 'TraceRoute' functions...

8.8CVSS0.00186EPSS

Exploits0References1

OSV•added 2025/12/02 1:15 p.m.•5 views

CVE-2025-11787

Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS', 'CheckPing' and 'TraceRoute' functions...

8.8CVSS5.8AI score

Exploits0References1

NVD•added 2025/12/02 1:15 p.m.•3 views

CVE-2025-11786

9.8CVSS0.00057EPSS

Exploits0References1

OSV•added 2025/12/02 1:15 p.m.•0 views

CVE-2025-11783

9.8CVSS6.3AI score0.002EPSS

Exploits0References1

NVD•added 2025/12/02 1:15 p.m.•2 views

CVE-2025-11778

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

10CVSS0.00061EPSS

Exploits0References1

CVE•added 2025/12/02 1:4 p.m.•11 views

CVE-2025-11789

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The DownloadFile function converts a parameter to an integer with atoi() and uses it as an index into the FilesDownload array; if the parameter is too large, it accesses memory beyond the array bounds. Affected: Circutor S...

7.5CVSS6.4AI score0.00041EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/02 1:4 p.m.•3 views

CVE-2025-11789 Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi' and then uses it as an index in the 'FilesDownload' array with '&FilesDownloadiVar2'. If the parameter is too large, it will access memory beyond...

7.1CVSS0.00041EPSS

Exploits0References1

Cvelist•added 2025/12/02 1:3 p.m.•4 views

CVE-2025-11788 Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

8.5CVSS0.00061EPSS

Exploits0References1

CVE•added 2025/12/02 1:3 p.m.•6 views

CVE-2025-11788

CVE-2025-11788 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is a heap-based buffer overflow in ShowSupervisorParameters() due to unvalidated, unlimited input copied into a fixed-size buffer via sprintf(), with GetParameter(meter) directly using the input without size checks. A...

9.8CVSS6.8AI score0.00061EPSS

Exploits0References1Affected Software1

CVE•added 2025/12/02 1:2 p.m.•10 views

CVE-2025-11787

CVE-2025-11787 affects Circutor SGE-PLC1000/SGE-PLC50 running v9.0.2. The OS exposes a command injection vulnerability in GetDNS(), CheckPing(), and TraceRoute() functions. Impact is high (CVE scores indicate network-based, unauthenticated/low-privilege access with potential total impact on confi...

8.8CVSS7AI score0.00186EPSS

Exploits0References1Affected Software1

CVE•added 2025/12/02 1:1 p.m.•10 views

CVE-2025-11786

CVE-2025-11786 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The root cause is in SetUserPassword(): the input parameter newPassword is inserted into a shell command string using sprintf() without sanitisation and then executed with system() . This enables a potential attacker to inject arbitrar...

9.8CVSS7.3AI score0.00057EPSS

Exploits0References1Affected Software1