Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
OpenplcprojectOpenplc V3 Firmware

8 matches found

CVE
CVEadded 2021/08/03 3:15 p.m.80 views

CVE-2021-31630

Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application.

9CVSS9.1AI score0.8678EPSS
CVE
CVEadded 2024/09/18 3:15 p.m.69 views

CVE-2024-34026

A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to tri...

9.8CVSS8.3AI score0.01085EPSS
CVE
CVEadded 2024/09/18 3:15 p.m.50 views

CVE-2024-39590

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to ...

7.5CVSS7AI score0.00373EPSS
CVE
CVEadded 2024/09/18 3:15 p.m.49 views

CVE-2024-39589

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. A specially crafted EtherNet/IP request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to ...

7.5CVSS7.1AI score0.00373EPSS
CVE
CVEadded 2024/09/18 3:15 p.m.48 views

CVE-2024-36980

An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vu...

7.5CVSS6.9AI score0.00299EPSS
CVE
CVEadded 2019/04/22 11:29 a.m.40 views

CVE-2018-20818

A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 versions. It occurs in the modbus.cpp mapUnusedIO() function, which can cause a runtime crash of the PLC or possibly have unspecified other impact.

9.8CVSS10AI score0.00459EPSS
CVE
CVEadded 2024/09/18 3:15 p.m.37 views

CVE-2024-36981

An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vu...

7.5CVSS6.9AI score0.00264EPSS
CVE
CVEadded 2024/06/28 1:15 p.m.34 views

CVE-2024-37741

OpenPLC 3 through 9cd8f1b allows XSS via an SVG document as a profile picture.

5.4CVSS6AI score0.00097EPSS