2025-12-02 13:01:37
INCIBE
PUBLISHED
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the SetUserPassword() function, the newPassword parameter is directly embedded in a shell command string using sprintf() without any sanitisation or validation, and then executed using system(). This allows an attacker to inject arbitrary shell commands that will be executed with the same privileges as the application.