2025-12-02 13:04:38
INCIBE
PUBLISHED
Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The DownloadFile function converts a parameter to an integer using atoi() and then uses it as an index in the FilesDownload array with (&FilesDownload)[iVar2]. If the parameter is too large, it will access memory beyond the limits.