CNNVD-202512-252 Information

CNNVD ID

CNNVD-202512-252

Related CVE

CVE-2025-11780

• CNNVD Published: 2025-12-02

Description (Chinese)

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50都是西班牙CIRCUTOR公司的一个网络集中器。 CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 v9.0.2版本存在安全漏洞，该漏洞源于showMeterReport函数未验证meter参数长度，可能导致栈缓冲区溢出。

Description (English)

CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are all network centralists of the Spanish company CIRCUTOR. CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 v9.02 have a security loophole, which stems from the fact that the showMeterReport function does not verify the length of the metr parameters, which may result in a spill over the silo buffer zone.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

CIRCUTOR

Published

2025-12-02

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-circutor-products-0

Patch

https://circutor.com/