CVE-2012-5048

Optimalog Optima PLC < 1.5.2 - Denial of Service via Crafted Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5048.

AI-analyzed exploit summary This is a technical writeup detailing two vulnerabilities (NULL pointer and endless loop) in Optima APIFTP Server <= 1.5.2.13. It includes disassembly analysis and references external tools for exploitation but does not contain functional exploit code.

Description

APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet.

Exploits (1)

exploitdb WRITEUP

doswindows

https://www.exploit-db.com/exploits/18112

View Code ZIP pw:eip

This is a technical writeup detailing two vulnerabilities (NULL pointer and endless loop) in Optima APIFTP Server <= 1.5.2.13. It includes disassembly analysis and references external tools for exploitation but does not contain functional exploit code.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Optima APIFTP Server <= 1.5.2.13

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/55712

Various Sources x_refsource_misc

http://www.us-cert.gov/control_systems/pdf/ICSA-12-271-02.pdf

Scores

EPSS 0.0691

EPSS Percentile 93.2%

Details

CWE

CWE-399

Status published

Products (5)

optimalog/optima_plc 1.4.9

optimalog/optima_plc 1.4.10

optimalog/optima_plc 1.5.0

optimalog/optima_plc 1.5.1

optimalog/optima_plc < 1.5.2

Published Sep 28, 2012

Tracked Since Feb 18, 2026