Lucene search
K

181 matches found

NVD
NVD
added 2025/12/02 1:15 p.m.6 views

CVE-2025-11781

Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected firmware contains a hardcoded static authentication key. An attacker with local access to the device can extract this key e.g., by analysing the firmware image or memory dump and create valid firmware updat...

8.6CVSS0.00125EPSS
Exploits0References1
OSV
OSV
added 2025/12/02 1:15 p.m.5 views

CVE-2025-11779

Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...

9.8CVSS6.1AI score0.01334EPSS
Exploits0References1
OSV
OSV
added 2025/12/02 1:15 p.m.3 views

CVE-2025-11780

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...

9.8CVSS6.1AI score0.00284EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 1:15 p.m.2 views

CVE-2025-11779

Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...

9.8CVSS0.01334EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 1:15 p.m.6 views

CVE-2025-11780

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...

9.8CVSS0.00284EPSS
Exploits0References1
OSV
OSV
added 2025/12/02 1:15 p.m.6 views

CVE-2025-11778

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

9.8CVSS6.1AI score0.00306EPSS
Exploits0References1
NVD
NVD
added 2025/12/02 1:15 p.m.4 views

CVE-2025-11778

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

10CVSS0.00306EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/02 1:4 p.m.6 views

CVE-2025-11789 Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi' and then uses it as an index in the 'FilesDownload' array with '&FilesDownloadiVar2'. If the parameter is too large, it will access memory beyond...

7.1CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 1:4 p.m.4 views

CVE-2025-11789 Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi' and then uses it as an index in the 'FilesDownload' array with '&FilesDownloadiVar2'. If the parameter is too large, it will access memory beyond...

7.1CVSS6.4AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2025/12/02 1:4 p.m.14 views

CVE-2025-11789

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The DownloadFile function converts a parameter to an integer with atoi() and uses it as an index into the FilesDownload array; if the parameter is too large, it accesses memory beyond the array bounds. Affected: Circutor S...

7.5CVSS6.4AI score0.0023EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/12/02 1:3 p.m.9 views

CVE-2025-11788

CVE-2025-11788 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is a heap-based buffer overflow in ShowSupervisorParameters() due to unvalidated, unlimited input copied into a fixed-size buffer via sprintf(), with GetParameter(meter) directly using the input without size checks. A...

9.8CVSS6.8AI score0.00284EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/02 1:3 p.m.2 views

CVE-2025-11788 Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

8.5CVSS6.8AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/02 1:3 p.m.6 views

CVE-2025-11788 Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

8.5CVSS0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/02 1:2 p.m.5 views

CVE-2025-11787 Command injection vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS', 'CheckPing' and 'TraceRoute' functions...

8.5CVSS0.00916EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 1:2 p.m.3 views

CVE-2025-11787 Command injection vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS', 'CheckPing' and 'TraceRoute' functions...

8.5CVSS7.1AI score0.00916EPSS
Exploits0References1
CVE
CVE
added 2025/12/02 1:2 p.m.13 views

CVE-2025-11787

CVE-2025-11787 affects Circutor SGE-PLC1000/SGE-PLC50 running v9.0.2. The OS exposes a command injection vulnerability in GetDNS(), CheckPing(), and TraceRoute() functions. Impact is high (CVE scores indicate network-based, unauthenticated/low-privilege access with potential total impact on confi...

8.8CVSS7AI score0.00916EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/02 1:1 p.m.9 views

CVE-2025-11786 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf' without any sanitisation or validation, and then executed using 'system'. This allows a...

8.5CVSS0.00344EPSS
Exploits0References1
CVE
CVE
added 2025/12/02 1:1 p.m.11 views

CVE-2025-11786

CVE-2025-11786 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The root cause is in SetUserPassword(): the input parameter newPassword is inserted into a shell command string using sprintf() without sanitisation and then executed with system() . This enables a potential attacker to inject arbitrar...

9.8CVSS7.3AI score0.00344EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/02 1:1 p.m.3 views

CVE-2025-11786 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf' without any sanitisation or validation, and then executed using 'system'. This allows a...

8.5CVSS7.3AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2025/12/02 1:1 p.m.9 views

CVE-2025-11785

CVE-2025-11785 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is a stack-based buffer overflow in ShowMeterPasswords() caused by unbounded input from the meter parameter via GetParameter(meter) being copied into a fixed-size buffer with sprintf(), without size validation. An att...

9.8CVSS6.8AI score0.00344EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder