VYPR

Opener

by EIPStackGroup

Source repositories

CVEs (11)

  • CVE-2022-43605CriMar 16, 2023
    risk 0.66cvss 10.0epss 0.14

    An out-of-bounds write vulnerability exists in the SetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or…

  • CVE-2021-21777CriJun 17, 2021
    risk 0.65cvss 10.0epss 0.02

    An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read.

  • CVE-2020-13556CriDec 11, 2020
    risk 0.64cvss 9.8epss 0.05

    An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to…

  • CVE-2021-27478HigMay 12, 2022
    risk 0.53cvss 8.2epss 0.01

    A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may cause a denial-of-service condition.

  • CVE-2022-32434HigJul 15, 2022
    risk 0.51cvss 7.8epss 0.01

    EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d.

  • CVE-2021-27500HigMay 12, 2022
    risk 0.49cvss 7.5epss 0.01

    A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.

  • CVE-2021-27498HigMay 12, 2022
    risk 0.49cvss 7.5epss 0.01

    A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may result in a denial-of-service condition.

  • CVE-2021-27482HigMay 12, 2022
    risk 0.49cvss 7.5epss 0.01

    A specifically crafted packet sent by an attacker to EIPStackGroup OpENer EtherNet/IP commits and versions prior to Feb 10, 2021 may allow the attacker to read arbitrary data.

  • CVE-2020-13530HigDec 11, 2020
    risk 0.49cvss 7.5epss 0.02

    A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of…

  • CVE-2026-10703MedJun 3, 2026
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the…

  • CVE-2026-38719MedMay 18, 2026
    risk 0.40cvss 6.2epss 0.00

    OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format (CPF) parser, specifically in CreateCommonPacketFormatStructure() in source/src/enet_encap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled item_count value that…

VYPR — Vulnerability Intelligence