Lucene search
K

60 matches found

Vulnrichment
Vulnrichment
added 2026/04/29 6:35 p.m.5 views

CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...

7.1CVSS5.3AI score0.00177EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/29 6:35 p.m.30 views

CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...

7.1CVSS0.00177EPSS
Exploits0References4
CVE
CVE
added 2026/04/29 6:35 p.m.15 views

CVE-2026-7422

CVE-2026-7422 affects FreeRTOS-Plus-TCP; insufficient packet validation in IPv4/IPv6 processing (before V4.2.6 and V4.4.1) allows an adjacent attacker to bypass checksum and minimum-size checks by spoofing the Ethernet source MAC to a local endpoint, since loopback-detection skips validation for ...

7.1CVSS5.3AI score0.00177EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.8 views

FreeRTOS-Plus-TCP 数字错误漏洞

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to 4.4.1 and 4.2.6 of FreeRTOS-Plus-TCP contained a numerical error vulnerability. This vulnerability stemmed from integer overflows in the ICMP and ICMPv6 echo reply handlers, which could...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.10 views

FreeRTOS-Plus-TCP 缓冲区错误漏洞

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP contained a buffer error vulnerability. This vulnerability stemmed from insufficient option length validation in the IPv6 router advertisement...

6.5CVSS6AI score0.00233EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.9 views

PT-2026-35974

Name of the Vulnerable Software and Affected Versions FreeRTOS-Plus-TCP versions prior to V4.4.1 FreeRTOS-Plus-TCP versions prior to V4.2.6 Description An integer underflow exists in the ICMP and ICMPv6 echo reply handlers when outgoing ping support is enabled. This occurs because header sizes ar...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.10 views

PT-2026-35973

Name of the Vulnerable Software and Affected Versions FreeRTOS-Plus-TCP versions prior to 4.2.6 FreeRTOS-Plus-TCP versions prior to 4.4.1 Description Insufficient packet validation allows an adjacent network actor to bypass checksum and minimum-size validation. This occurs because the loopback...

7.1CVSS5.8AI score0.00177EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.12 views

FreeRTOS-Plus-TCP 缓冲区错误漏洞

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP contained a buffer error vulnerability. This vulnerability stemmed from insufficient validation of the prefix length field during IPv6 router...

8.1CVSS6AI score0.00246EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.5 views

PT-2026-35980

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid...

8.1CVSS5.9AI score0.00246EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.12 views

FreeRTOS-Plus-TCP 安全漏洞

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Security vulnerabilities existed in versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP. These vulnerabilities stemmed from insufficient data packet validation, allowing adjacent network participants...

7.1CVSS5.8AI score0.00177EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.7 views

FreeRTOS-Plus-TCP 数字错误漏洞

FreeRTOS-Plus-TCP is an extensible, open-source, and thread-safe TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.4.1 and V4.2.6 of FreeRTOS-Plus-TCP contained a numerical error vulnerability. This vulnerability stemmed from integer underflow in the DHCPv6 sub-option parser, whic...

8.1CVSS5.8AI score0.00223EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/02/26 9:1 a.m.150 views

Exploit for CVE-2025-5688

CVE-2025-5688 – FreeRTOS-Plus-TCP Out-of-Bounds Write Exploit...

7.5CVSS6AI score0.00305EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/10/13 9:26 a.m.8 views

CVE-2025-11618

A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...

5.3CVSS7AI score0.00315EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/13 7:21 a.m.4 views

CVE-2025-11617

A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and...

5.4CVSS6.9AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2025/10/10 6:15 p.m.5 views

CVE-2025-11618

A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...

5.3CVSS0.00315EPSS
Exploits0References3
OSV
OSV
added 2025/10/10 6:15 p.m.4 views

CVE-2025-11616

A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect applications using IPv6. Users should upgrade to the latest...

5.3CVSS7.2AI score
Exploits0References3
NVD
NVD
added 2025/10/10 6:15 p.m.6 views

CVE-2025-11616

A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect applications using IPv6. Users should upgrade to the latest...

5.4CVSS0.00285EPSS
Exploits0References3
OSV
OSV
added 2025/10/10 6:15 p.m.6 views

CVE-2025-11618

A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...

5.3CVSS7AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/10 5:10 p.m.4 views

CVE-2025-11618 Invalid Pointer Dereference when receiving UDP/IPv6 packets in FreeRTOS-Plus-TCP

A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...

5.3CVSS6.6AI score0.00315EPSS
Exploits0References3
CVE
CVE
added 2025/10/10 5:10 p.m.16 views

CVE-2025-11618

CVE-2025-11618 affects FreeRTOS-Plus-TCP’s UDP/IPv6 packet processing. The vulnerability is a missing validation check that can cause an invalid pointer dereference when a UDP/IPv6 packet carries an incorrect IP version field within IPv6 traffic. Impact is limited to IPv6-enabled applications; no...

5.3CVSS6.6AI score0.00315EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder