A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HOpenplcproject Openplc V3 Firmware
OSOpenplcproject2024-04-04
Related vulnerabilities
OpenPLC V3 — pominięcie uwierzytelnienia przez niezabezpieczoną domyślną inicjalizację
OpenPLC V3 — przechowywanie haseł w postaci jawnego tekstu (CWE-256)
A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 ver...
OpenPLC_V3 REST API endpoint checks for JWT presence but never verifies the caller's role. Any authenticated u...
An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of Ope...