CIRCUTOR COMPACT DC-S BASIC Firmware 1.2.17

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:o:circutor:compact_dc-s_basic_firmware:1.2.17:*:*:*:*:*:*:*

part: o version: 1.2.17 update: *

VendorCircutor (ca159144-045f-5d8f-ae81-c71b6d00748f)
ProductCompact Dc S Basic Firmware (830369b0-4149-5c7f-a24b-56c85f2f3b5c)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-1669 vulnerable 2026-06-03 14:45:59.365009 Circutor COMPACT DC-S BASIC
MEDIUM (6.8)
A buffer overflow vulnerability has been detected in the firewall function of the device management web portal. The device runs a CGI binary (index.cgi) to offer a management web application. Once authenticated with valid credentials in this web portal, a potential attacker could submit any "Address" value and it would be copied to a second variable with a "strcpy" vulnerable function without checking its length. Because of this, it is possible to send a long address value to overflow the process stack, controlling the function return address.
Published: 2022-05-24T17:38:36.592Z
Updated: 2025-04-16T16:18:54.034Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-26777 vulnerable 2026-06-03 14:44:08.930594 Details available
Buffer overflow vulnerability in function SetFirewall in index.cgi in CIRCUTOR COMPACT DC-S BASIC smart metering concentrator Firwmare version CIR_CDC_v1.2.17, allows attackers to execute arbitrary code.
Published: 2021-12-02T03:26:41.000Z
Updated: 2024-08-03T20:33:41.291Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.