Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp file.
oryginał ENCVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HUnitronics Visilogic Oplc Ide
APPUnitronics≤ 9.8.22
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEMemory
CWE
Powiązane podatności
CVE-2015-7939CRITICAL9.6ten sam produkt
Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute a...
CVE-2015-7905HIGH7.5ten sam produkt
Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to execute unspecified code via unknown ve...
CVE-2015-6478MEDIUM6.8ten sam produkt
Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allow...
CVE-2023-6448CRITICAL9.8⚠ KEVPL ✓ten sam vendor
Unitronics VisiLogic — domyślne hasło administratora w sterownikach PLC i HMI
CVE-2024-27767CRITICAL10.0PL ✓ten sam vendor
Pominięcie uwierzytelnienia w Unitronics Unilogic (Authentication Bypass)