Vulnerability Details CVE-2025-11779
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This configuration function is triggered by a management web request, which a user can issue when making changes through the 'index.cgi' web application. The parameters are not sanitised, which could lead to command injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.9%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2025-11779
- cpe:2.3:h:circutor:sge-plc1000:-
- cpe:2.3:h:circutor:sge-plc50:-
- cpe:2.3:o:circutor:sge-plc1000_firmware:9.0.2
- cpe:2.3:o:circutor:sge-plc50_firmware:9.0.2