Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-11826
PUBLISHED
More InfoOfficial Page
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
View Known Exploited Vulnerability (KEV) details
Published At-18 Jul, 2026 | 13:35
Updated At-18 Jul, 2026 | 13:35
Rejected At-
▼CVE Numbering Authority (CNA)
OpenPLC_v3 Heap-Based Buffer Overflow in Modbus Master getData()

OpenPLC_v3 contains a heap-based buffer overflow in the getData() function in webserver/core/modbus_master.cpp. getData() reads characters between two delimiters into a caller-supplied buffer with no size parameter and no bounds check. In parseConfig() the function is invoked with the 100-byte heap-allocated MB_device.dev_name field. An authenticated attacker with access to the OpenPLC web interface can send a crafted HTTP POST to the /modbus endpoint with an oversized device_name value; the value is persisted to mbconfig.cfg and parsed on load, overflowing dev_name and overwriting adjacent struct fields (protocol at offset 108, dev_address at offset 109, ip_port at offset 210). A 200-byte payload writes 100 bytes past the allocation. The result is heap corruption leading to runtime crash and denial of service of the PLC process control loop, with attacker-controlled overwrite of adjacent configuration fields. The upstream repository was archived on 2026-04-04 and no fix is expected; the vendor has confirmed the issue does not affect OpenPLC Runtime v4.

Affected Products
Vendor
openplcproject
Product
OpenPLC_v3
Default Status
affected
Versions
Affected
  • From 0 through b470206 (git)
Problem Types
TypeCWE IDDescription
CWECWE-122Heap-based Buffer Overflow
Type: CWE
CWE ID: CWE-122
Description: Heap-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Shuhratbek Uraimov
reporter
Shuhratbek Uraimov
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://gist.github.com/Shukhrat-03/5cf1825b72e485ef98a32958dfbc611a#security-vulnerability-report
technical-description
https://github.com/thiagoralves/OpenPLC_v3/commit/b4702061dc14d1024856f71b4543298d77007b88
issue-tracking
https://github.com/thiagoralves/OpenPLC_v3
product
https://www.vulncheck.com/advisories/openplc-v3-heap-based-buffer-overflow-in-modbus-master-getdata
third-party-advisory
Hyperlink: https://gist.github.com/Shukhrat-03/5cf1825b72e485ef98a32958dfbc611a#security-vulnerability-report
Resource:
technical-description
Hyperlink: https://github.com/thiagoralves/OpenPLC_v3/commit/b4702061dc14d1024856f71b4543298d77007b88
Resource:
issue-tracking
Hyperlink: https://github.com/thiagoralves/OpenPLC_v3
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/openplc-v3-heap-based-buffer-overflow-in-modbus-master-getdata
Resource:
third-party-advisory
Details not found