181 matches found
CVE-2025-11781
Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected firmware contains a hardcoded static authentication key. An attacker with local access to the device can extract this key e.g., by analysing the firmware image or memory dump and create valid firmware updat...
CVE-2025-11779
Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...
CVE-2025-11780
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...
CVE-2025-11779
Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...
CVE-2025-11780
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...
CVE-2025-11778
Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...
CVE-2025-11778
Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...
CVE-2025-11789 Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi' and then uses it as an index in the 'FilesDownload' array with '&FilesDownloadiVar2'. If the parameter is too large, it will access memory beyond...
CVE-2025-11789 Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi' and then uses it as an index in the 'FilesDownload' array with '&FilesDownloadiVar2'. If the parameter is too large, it will access memory beyond...
CVE-2025-11789
Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The DownloadFile function converts a parameter to an integer with atoi() and uses it as an index into the FilesDownload array; if the parameter is too large, it accesses memory beyond the array bounds. Affected: Circutor S...
CVE-2025-11788
CVE-2025-11788 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is a heap-based buffer overflow in ShowSupervisorParameters() due to unvalidated, unlimited input copied into a fixed-size buffer via sprintf(), with GetParameter(meter) directly using the input without size checks. A...
CVE-2025-11788 Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...
CVE-2025-11788 Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...
CVE-2025-11787 Command injection vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS', 'CheckPing' and 'TraceRoute' functions...
CVE-2025-11787 Command injection vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS', 'CheckPing' and 'TraceRoute' functions...
CVE-2025-11787
CVE-2025-11787 affects Circutor SGE-PLC1000/SGE-PLC50 running v9.0.2. The OS exposes a command injection vulnerability in GetDNS(), CheckPing(), and TraceRoute() functions. Impact is high (CVE scores indicate network-based, unauthenticated/low-privilege access with potential total impact on confi...
CVE-2025-11786 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf' without any sanitisation or validation, and then executed using 'system'. This allows a...
CVE-2025-11786
CVE-2025-11786 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The root cause is in SetUserPassword(): the input parameter newPassword is inserted into a shell command string using sprintf() without sanitisation and then executed with system() . This enables a potential attacker to inject arbitrar...
CVE-2025-11786 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf' without any sanitisation or validation, and then executed using 'system'. This allows a...
CVE-2025-11785
CVE-2025-11785 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is a stack-based buffer overflow in ShowMeterPasswords() caused by unbounded input from the meter parameter via GetParameter(meter) being copied into a fixed-size buffer with sprintf(), without size validation. An att...