Skip to main content

Golang CVE-2025-9283

HIGH
Uncontrolled Resource Consumption (CWE-400)
2026-01-20 PSIRT@rockwellautomation.com
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 20, 2026 - 14:16 nvd
HIGH 7.5

DescriptionCVE.org

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.

AnalysisAI

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. [CVSS 7.5 HIGH]

Technical ContextAI

Classified as CWE-400 (Uncontrolled Resource Consumption). Affects Armorstart Lt Firmware. A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

More in Golang

View all
CVE-2026-24897 CRITICAL POC
10.0 Jan 28

Erugo file-sharing platform up to version 0.2.14 has a CVSS 10.0 path traversal allowing authenticated users to read any

CVE-2022-50926 CRITICAL POC
9.8 Jan 13

WAGO PFC200 G2 PLC (firmware affected) allows privilege escalation through cookie manipulation. Users can modify cookie

CVE-2026-28408 CRITICAL POC
9.8 Feb 27

Authentication bypass in WeGIA charitable institution management system before 3.6.5. The adicionar_tipo_docs_atendido.p

CVE-2026-24895 CRITICAL POC
9.8 Feb 12

CGI path splitting vulnerability in FrankenPHP before 1.11.2 — Unicode characters bypass path validation during CGI proc

CVE-2025-66719 CRITICAL POC
9.1 Jan 23

Free5gc NRF 1.4.0 has an authorization bypass in access token generation that allows authenticated users to request toke

CVE-2022-50909 HIGH POC
8.8 Jan 13

Algo 8028 Control Panel version 3.3.3 contains a command injection vulnerability in the fm-data.lua endpoint that allows

CVE-2026-3769 HIGH POC
8.8 Mar 08

Stack-based buffer overflow in Tenda F453 firmware 1.0.0.3 allows remote attackers with valid credentials to achieve una

CVE-2026-3768 HIGH POC
8.8 Mar 08

Stack-based buffer overflow in Tenda F453 firmware version 1.0.0.3 allows authenticated remote attackers to achieve comp

CVE-2025-66292 HIGH POC
8.1 Jan 15

DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vu

CVE-2019-25344 HIGH POC
7.8 Feb 12

Mobilego versions up to 8.5.0 is affected by incorrect permission assignment for critical resource (CVSS 7.8).

CVE-2019-25308 HIGH POC
7.8 Feb 11

Mikogo 5.2.2.150317 contains an unquoted service path vulnerability in the Mikogo-Service Windows service configuration.

CVE-2026-26514 HIGH POC
7.5 Mar 04

Remote attackers can inject arbitrary command-line arguments into bird-lg-go's traceroute module through unsanitized use

Share

CVE-2025-9283 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy