19 matches found
Open PLC and Planet vulnerabilities
Cisco Talos' Vulnerability Discovery & Research team recently disclosed one vulnerability in the OpenPLC logic controller and four vulnerabilities in the Planet WGR-500 router. For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from...
CVE-2025-54403
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This command injection is related ...
CVE-2025-54404
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This command injection is related ...
CVE-2025-54403
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This command injection is related ...
CVE-2025-54404
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This command injection is related ...
EUVD-2025-32860
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This command injection is related ...
CVE-2025-54404
Talos reports CVE-2025-54404 affecting Planet WGR-500 v1.3411b190912. The flaw resides in the swctrl service, which over UDP processes a PLANETut message; when the 0x90 (CHANGE_SETTINGS) path is taken, attacker-controlled fields (notably new_device_name) are incorporated into a shell command (fla...
EUVD-2025-32858
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities. This command injection is related ...
CVE-2025-54403
Planet WGR-500 v1.3411b190912 has multiple OS command injection flaws in the swctrl service. A UDP-based protocol accepts commands with a header containing PLANETut and a 0x90 change settings path, where attacker-supplied, nibble-decoded inputs are used to build shell commands via system(). The v...
Planet WGR-500 swctrl OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2025-2227: Planet WGR-500 swctrl OS command injection vulnerabilities. October 7, 2025. CVE Number: CVE-2025-54404, CVE-2025-54403. Summary: Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially...
PT-2025-41004
Name of the Vulnerable Software and Affected Versions: Planet WGR-500 version 1.3411b190912. Description: Multiple OS command injection flaws exist in the swctrl functionality. A crafted network request can result in arbitrary command execution. The new password request parameter is involved in...
EUVD-2024-49189
Malicious code in bioql PyPI...
EUVD-2024-49188
Malicious code in bioql PyPI...
CVE-2024-8454
The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service...
CVE-2024-8455
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user passwords. Due to insufficient strength, unauthorized remote attackers who intercept the packets ca...
CVE-2024-8455
The CVE describes PLANET Technology devices where the swctrl service uses authentication tokens that are encoded like user passwords on certain switch models. The underlying issue is weak encoding, allowing an unauthenticated network attacker to intercept packets and crack them to obtain plaintex...
CVE-2024-8454 PLANET Technology switch devices - Swctrl service DoS attack
The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service...
PT-2024-39025 · Planet Technology · Planet Technology Devices
Name of the Vulnerable Software and Affected Versions: PLANET Technology devices (affected versions not specified). Description: The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with thi...
PT-2024-39024 · Planet Technology · Planet Technology Devices
Name of the Vulnerable Software and Affected Versions: PLANET Technology devices (affected versions not specified). Description: The swctrl service, used for detecting and remotely managing PLANET Technology devices, contains a Denial-of-Service issue. This allows unauthenticated remote attackers to...