CVE-2025-41709 Command injection in power analyzer via Modbus-TCP and Modbus-RTU

An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device...

CVE-2025-41709 Command injection in power analyzer via Modbus-TCP and Modbus-RTU

An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device...

Janitza UMG 96RM-E 24V和Janitza UMG 96RM-E 230V 操作系统命令注入漏洞

Both Janitza UMG 96RM-E 24V and Janitza UMG 96RM-E 230V are multi-functional power quality analyzers produced by the German company Janitza. Both models have vulnerabilities related to operating system command injection. These vulnerabilities arise from defects in the power analyzer’s processing ...

CVE-2025-23417

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability...

CVE-2025-55222

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

CVE-2025-20085

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can...

CVE-2025-54848

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

CVE-2025-23417

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability...

CVE-2025-20085

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can...

CVE-2025-20085

Talos reports CVE-2025-20085 affecting Socomec DIRIS Digiware M-70 v1.6.9. The Modbus RTU over TCP service can be abused by an unauthenticated actor sending a crafted Modbus message (port 503) to write a value (register 57856) via Write Single Register (function code 6), triggering a denial-of-se...

CVE-2025-23417

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability...

CVE-2025-54850

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

CVE-2025-55222

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

EUVD-2025-200035

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

PT-2025-48482

Name of the Vulnerable Software and Affected Versions Socomec DIRIS Digiware M-70 version 1.6.9 Description A denial of service issue exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality. An attacker can send an unauthenticated, specially crafted network packet to trigger a...

Unspecified Buffer Overflow Vulnerability in Advantech EKI-1200 Series

Advantech EKI-1200 Gateway is the EKI-1200 series Modbus data gateway product from Advantech China, which is mainly used to integrate Modbus/RTU and Modbus/ASCI serial devices into bi-directional gateways based on TCP/IP networks. An unspecified buffer overflow vulnerability exists in the Advante...

CAS Modbus RTU Parser Buffer Overflow Exploit

Exploit for windows platform in category local exploits hello, nice to meet u A few day ago, Senator of Pirates published CAS Modbus RTU Parser Buffer Overflow PoC code, so i try to make Exploit Code, This is Exploit Title: CAS Modbus RTU Parser Buffer Overflow Exploit Date: 2012,09,07 Author:...

CAS Modbus RTU Parser Buffer Overflow SEH (PoC)

Exploit for windows platform in category dos / poc Title : CAS Modbus RTU Parser Buffer Overflow SEH PoC Author : Senator of Pirates Founder : Marshal Webb Link Software : http://www.chipkin.com/technical-resources/cas-modbus-rtu-parser/ FaceBook : /SenatorofPiratesInfo Marshal's FaceBook :...

CVE-2011-1914

Buffer overflow in the Advantech ADAM OLE for Process Control OPC Server ActiveX control in ADAM OPC Server before 3.01.012, Modbus RTU OPC Server before 3.01.010, and Modbus TCP OPC Server before 3.01.010 allows remote attackers to execute arbitrary code via unspecified vectors...

Buffer overflow

Buffer overflow in the Advantech ADAM OLE for Process Control OPC Server ActiveX control in ADAM OPC Server before 3.01.012, Modbus RTU OPC Server before 3.01.010, and Modbus TCP OPC Server before 3.01.010 allows remote attackers to execute arbitrary code via unspecified vectors...