Sge Plc50 Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:circutor:sge-plc50_firmware:9.0.2:*:*:*:*:*:*:*
part: o version: 9.0.2 update: *
| Vendor | Circutor (ca159144-045f-5d8f-ae81-c71b6d00748f) |
|---|---|
| Product | Sge Plc50 Firmware (72fa7c7b-4275-5d67-ae9e-43460310afc6) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-11789 |
vulnerable | 2026-06-03 14:58:43.062655 |
Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi()' and then uses it as an index in the 'FilesDownload' array with '(&FilesDownload)[iVar2]'. If the parameter is too large, it will access memory beyond the limits.
Published: 2025-12-02T13:04:38.363Z
Updated: 2025-12-02T13:27:16.494Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11788 |
vulnerable | 2026-06-03 14:58:43.061788 |
Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf()'. The 'GetParameter(meter)' function retrieves the user input, which is directly incorporated into a buffer without size validation. An attacker can provide an excessively large input for the 'meter' parameter.
Published: 2025-12-02T13:03:32.925Z
Updated: 2025-12-02T13:31:08.915Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11787 |
vulnerable | 2026-06-03 14:58:43.060996 |
Command injection vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS()', 'CheckPing()' and 'TraceRoute()' functions.
Published: 2025-12-02T13:02:40.055Z
Updated: 2025-12-02T13:31:49.784Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11786 |
vulnerable | 2026-06-03 14:58:43.060476 |
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword()' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf()' without any sanitisation or validation, and then executed using 'system()'. This allows an attacker to inject arbitrary shell commands that will be executed with the same privileges as the application.
Published: 2025-12-02T13:01:37.231Z
Updated: 2025-12-02T13:36:41.564Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11785 |
vulnerable | 2026-06-03 14:58:43.059881 |
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf()'. The 'GetParameter(meter)' function retrieves the user input, which is directly incorporated into a buffer without size validation. An attacker can provide an excessively large input for the 'meter' parameter.
Published: 2025-12-02T13:01:25.600Z
Updated: 2025-12-02T13:37:33.371Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11784 |
vulnerable | 2026-06-03 14:58:43.059374 |
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf()'. The 'GetParameter(meter)' function retrieves the user input, which is directly incorporated into a buffer without size validation. An attacker can provide an excessively large input for the 'meter' parameter.
Published: 2025-12-02T13:01:15.908Z
Updated: 2025-12-02T13:59:31.509Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11783 |
vulnerable | 2026-06-03 14:58:43.058837 |
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is found in the 'AddEvent()' function when copying the user-controlled username input to a fixed-size buffer (48 bytes) without boundary checking. This can lead to memory corruption, resulting in possible remote code execution.
Published: 2025-12-02T13:01:04.236Z
Updated: 2025-12-02T14:00:14.603Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11782 |
vulnerable | 2026-06-03 14:58:43.058132 |
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload()' function uses “sprintf()” to format a string that includes the user-controlled input of 'GetParameter(meter)' in the fixed-size buffer 'acStack_4c' (64 bytes) without checking the length. An attacker can provide an excessively long value for the 'meter' parameter that exceeds the 64-byte buffer size.
Published: 2025-12-02T13:00:48.947Z
Updated: 2025-12-02T14:37:50.963Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11781 |
vulnerable | 2026-06-03 14:58:43.057485 |
Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50
Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected firmware contains a hardcoded static authentication key. An attacker with local access to the device can extract this key (e.g., by analysing the firmware image or memory dump) and create valid firmware update packages. This bypasses all intended access controls and grants full administrative privileges.
Published: 2025-12-02T12:59:46.925Z
Updated: 2025-12-02T13:35:07.164Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11780 |
vulnerable | 2026-06-03 14:58:43.056779 |
Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf()'. The 'GetParameter(meter)' function retrieves the user input, which is directly incorporated into a buffer without size validation. An attacker can provide an excessively large input for the “meter” parameter.
Published: 2025-12-02T12:58:35.719Z
Updated: 2025-12-02T13:43:28.808Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11779 |
vulnerable | 2026-06-03 14:58:43.055662 |
Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi' web application. The parameters are not being sanitised, which could lead to command injection.
Published: 2025-12-02T12:57:46.050Z
Updated: 2025-12-02T13:44:57.270Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.