Name of the Vulnerable Software and Affected Versions TeNIX versions (affected versions not specified)

Description The issue is related to the lack of an authentication procedure in the pnp-receive.sh service of the TeNIX operating system used in МФК1500 and МФК3000 programmable logic controllers. This allows a remote attacker to exploit the issue by sending arbitrary data to the pnp-receive.sh service, which will be accepted and automatically saved to a separate file without any size restrictions, potentially exhausting the device's disk space.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.