CRITICAL🇵🇱 Wersja polska

CVE-2021-33841

CVSS 10.0v3.1pub. 2021-06-09upd. 2024-11-21

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Circutor Sge Plc1000

    HW
    Circutor
    wszystkie wersje
  • Circutor Sge Plc1000 Firmware

    OS
    Circutor
    0.9.2b
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2025-11778CRITICAL10.0PL ✓ten sam produkt

Stack-based buffer overflow w Circutor SGE-PLC1000/SGE-PLC50 (TACACS+)

CVE-2025-11779CRITICAL9.4PL ✓ten sam produkt

Stack-based buffer overflow w Circutor SGE-PLC1000/SGE-PLC50 via SetLan

CVE-2025-11780HIGH8.7ten sam produkt

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport()'...

CVE-2025-11781HIGH8.6ten sam produkt

Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected firmware contains a...

CVE-2025-11782HIGH8.5ten sam produkt

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload()' funct...