The invention provides an IEC104 protocol vulnerability mining method based on protocol state graph traversing. The IEC104 protocol vulnerability mining method based on protocol state graph traversingcomprises the steps of: processing an obtained network data packet of target equipment into a de-weighted protocol base block; constructing a protocol state graph according to the de-weighted protocol base block; traversing the protocol state graph according to a pre-set rule, and generating at least one malformed data packet; and performing vulnerability testing on the at least one malformed data packet, and determining a script corresponding to the malformed data packet passing vulnerability testing as one vulnerability of the target equipment. According to the vulnerability mining method provided by the invention, vulnerability mining testing is carried out by taking state side RTU equipment as an object; security vulnerabilities in a power system and industrial control system equipment can be effectively discovered; when a test case is generated, a traversing path is relatively effective; the proportion of the generated effective test case is relatively high; and the execution time is reduced.