2025-12-02 12:57:46
INCIBE
PUBLISHED
Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The SetLan function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the index.cgi web application. The parameters are not being sanitised, which could lead to command injection.