CVE-2013-2784

Triangle Research International Nano-10 PLC <r81 - DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-2784. PoCs published by Sapling.

AI-analyzed exploit summary This Python script exploits a denial-of-service vulnerability in Tri-PLC Nano-10 devices by sending a malformed Modbus packet with a coil quantity set to 0, causing the device to crash. The exploit targets TCP port 502 and requires no authentication.

Description

Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to cause a denial of service (networking outage) via a crafted packet to TCP port 502.

Exploits (1)

exploitdb WORKING POC

by Sapling · pythondoshardware

https://www.exploit-db.com/exploits/26802

View Code ZIP pw:eip

This Python script exploits a denial-of-service vulnerability in Tri-PLC Nano-10 devices by sending a malformed Modbus packet with a coil quantity set to 0, causing the device to crash. The exploit targets TCP port 502 and requires no authentication.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Tri-PLC Nano-10 Firmware Version r81 and prior

No auth needed

Prerequisites: Network access to the target device on TCP port 502

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

US Government Resource x_refsource_misc

http://ics-cert.us-cert.gov/advisories/ICSA-13-189-02

Scores

EPSS 0.0404

EPSS Percentile 89.3%

Details

CWE

CWE-310

Status published

Products (2)

triplc/nano-10_plc

triplc/nano-10_plc_firmware < r80

Published Jul 10, 2013

Tracked Since Feb 18, 2026