Lucene search
K

181 matches found

CVE
CVE
added 2025/12/02 12:56 p.m.20 views

CVE-2025-11778

CVE-2025-11778 affects Circutor SGE-PLC1000/SGE-PLC50 (v0.9.2). The issue is a stack-based buffer overflow in the TACACSPLUS implementation, specifically in the read_packet() function, enabling remote memory corruption. Multiple connected sources corroborate the vulnerability in the same software...

10CVSS7.1AI score0.00306EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/02 12:56 p.m.6 views

CVE-2025-11778 Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

10CVSS0.00306EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 12:56 p.m.2 views

CVE-2025-11778 Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

10CVSS7.1AI score0.00306EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.7 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v9.0.2, which stems from the AddEvent function not validating the length of the username input, which cou...

9.8CVSS7.8AI score0.00532EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.5 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v9.0.2, which stems from the firmware containing hard-coded keys that could lead to bypassing access...

8.6CVSS6.6AI score0.00125EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.6 views

PT-2025-48676

Name of the Vulnerable Software and Affected Versions Circutor SGE-PLC1000/SGE-PLC50 version 9.0.2 Description A stack-based buffer overflow exists in the SetUserPassword function. The newPassword parameter is incorporated into a shell command string using sprintf without proper sanitisation or...

9.8CVSS7.8AI score0.00344EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.5 views

PT-2025-48679

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi' and then uses it as an index in the 'FilesDownload' array with '&FilesDownloadiVar2'. If the parameter is too large, it will access memory beyond...

7.1CVSS6.8AI score0.0023EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.3 views

PT-2025-48672

Name of the Vulnerable Software and Affected Versions Circutor SGE-PLC1000/SGE-PLC50 version 9.0.2 Description A stack-based buffer overflow exists in the software due to insufficient bounds checking when handling user-supplied input. The ShowDownload function utilizes sprintf to format a string,...

9.8CVSS6.9AI score0.0035EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.7 views

PT-2025-48673

Name of the Vulnerable Software and Affected Versions Circutor SGE-PLC1000/SGE-PLC50 version 9.0.2 Description A stack-based buffer overflow exists in the AddEvent function when handling user-supplied usernames. The issue occurs because the function copies the username input to a fixed-size buffe...

9.8CVSS7.9AI score0.00532EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.4 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 v9.0.2, which stems from the ShowMeterDatabase function not validating the length of the meter parameter, which...

9.8CVSS7.1AI score0.00344EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.5 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 缓冲区错误漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A buffer error vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 v9.0.2, which stems from the DownloadFile function not validating the parameter range, which could lead to...

7.5CVSS6.9AI score0.0023EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.4 views

PT-2025-48668

Name of the Vulnerable Software and Affected Versions Circutor SGE-PLC1000/SGE-PLC50 version 0.9.2 Description A stack-based buffer overflow exists in the TACACSPLUS implementation of the software. This allows a remote attacker to corrupt memory and potentially gain control of the system. The iss...

10CVSS7.2AI score0.00306EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.5 views

PT-2025-48669

Name of the Vulnerable Software and Affected Versions CircutorSGE-PLC1000/SGE-PLC50 version 9.0.2 Description A stack-based buffer overflow exists in the SetLan function of the software. This function is triggered when a new configuration is applied via a management web request to the 'index.cgi'...

9.8CVSS7.2AI score0.01334EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.3 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v9.0.2, which stems from the ShowDownload function not validating the length of the meter parameter, whic...

9.8CVSS7.1AI score0.0035EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.4 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 v9.0.2, which stems from the showMeterReport function not validating the length of the meter parameter, which cou...

9.8CVSS7.1AI score0.00284EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.5 views

PT-2025-48671

Name of the Vulnerable Software and Affected Versions Circutor SGE-PLC1000/SGE-PLC50 version 9.0.2 Description The affected firmware contains a hardcoded static authentication key. An attacker with local access can extract this key by analyzing the firmware image or memory dump. This allows the...

8.6CVSS5.4AI score0.00125EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.6 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 v9.0.2, which stems from the ShowSupervisorParameters function not validating the length of the meter parameter,...

9.8CVSS7.1AI score0.00284EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.6 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v0.9.2, which stems from a stack buffer overflow in the readpacket function of the TACACSPLUS...

10CVSS7.2AI score0.00306EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.4 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v9.0.2, which stems from an uncleared parameter in the SetLan function and could lead to command injectio...

9.8CVSS6.9AI score0.01334EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.4 views

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 v9.0.2, which stems from the ShowMeterPasswords function not validating the length of the meter parameter, which...

9.8CVSS7.1AI score0.00344EPSS
Exploits0References1
Rows per page
Query Builder