2 matches found
CVE-2025-1066
OpenPLC_V3 is affected by an arbitrary file upload vulnerability. The CVE-2025-1066 entry identifies a high-severity, network-exposed issue (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) that could enable malvertising or phishing campaigns. The available connected sources consistently describe ...
CVE-2024-36981
Summary: CVE-2024-36981 affects OpenPLC_v3 (commit b4702061dc14d1024856f71b4543298d77007b88) with an out-of-bounds read in the Runtime EtherNet/IP PCCC parser, enabling denial of service via specially crafted EtherNet/IP requests. The TALOS report clarifies two vulnerable paths in OpenPLC_v3: Sen...