An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.This is the final instance of the incorrect comparison.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HOpenplcproject Openplc V3 Firmware
OSOpenplcproject2024-04-04
Powiązane podatności
OpenPLC V3 — pominięcie uwierzytelnienia przez niezabezpieczoną domyślną inicjalizację
OpenPLC V3 — przechowywanie haseł w postaci jawnego tekstu (CWE-256)
Stack-based buffer overflow w OpenPLC V3 — RCE przez EtherNet/IP
A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 ver...
OpenPLC_V3 REST API endpoint checks for JWT presence but never verifies the caller's role. Any authenticated u...