CNNVD-202512-249 Information

Dec 02, 2025 cve

CNNVD ID

CNNVD-202512-249

CVE-2025-11783

CNNVD Published: 2025-12-02

Description (Chinese)

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50都是西班牙CIRCUTOR公司的一个网络集中器。 CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 v9.0.2版本存在安全漏洞，该漏洞源于AddEvent函数未验证用户名输入长度，可能导致远程代码执行。

Description (English)

CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are all network centralists of the Spanish company CIRCUTOR. CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 v9.02 have a security loophole, which stems from the failure of the AddEvent function to verify the username input length, which may result in remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

CIRCUTOR

Published

2025-12-02

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-circutor-products-0

Patch

https://circutor.com/

Share on: