
245 matches found

Vulnrichment
added 2026/04/29 6:36 p.m. | 5 views

CVE-2026-7423 Integer Underflow in ICMP Echo Reply Processing in FreeRTOS-Plus-TCP

Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service device crash when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without...

CVSS 6 | AI score 5.2 | EPSS 0.00221
Exploits 0 | References 4
EUVD
added 2026/04/29 6:36 p.m. | 6 views

EUVD-2026-26276

Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service device crash when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without...

CVSS 6 | AI score 5.2 | EPSS 0.00221
Exploits 0 | References 4
Cvelist
added 2026/04/29 6:35 p.m. | 29 views

CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...

CVSS 7.1 | EPSS 0.00177
Exploits 0 | References 4
Vulnrichment
added 2026/04/29 6:35 p.m. | 5 views

CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...

CVSS 7.1 | AI score 5.3 | EPSS 0.00177
Exploits 0 | References 4
EUVD
added 2026/04/29 6:35 p.m. | 5 views

EUVD-2026-26275

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...

CVSS 7.1 | AI score 5.3 | EPSS 0.00177
Exploits 0 | References 4
CVE
added 2026/04/29 6:35 p.m. | 12 views

CVE-2026-7422

CVE-2026-7422 affects FreeRTOS-Plus-TCP; insufficient packet validation in IPv4/IPv6 processing (before V4.2.6 and V4.4.1) allows an adjacent attacker to bypass checksum and minimum-size checks by spoofing the Ethernet source MAC to a local endpoint, since loopback-detection skips validation for ...

CVSS 7.1 | AI score 5.3 | EPSS 0.00177
Exploits 0 | References 4 | Affected Software 1
CNNVD
added 2026/04/29 12:0 a.m. | 8 views

FreeRTOS-Plus-TCP Numeric Error Vulnerability

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to 4.4.1 and 4.2.6 of FreeRTOS-Plus-TCP contained a numerical error vulnerability. This vulnerability stemmed from integer overflows in the ICMP and ICMPv6 echo reply handlers, which could...

CVSS 6.5 | AI score 5.8 | EPSS 0.00221
Exploits 0 | References 1
CNNVD
added 2026/04/29 12:0 a.m. | 12 views

FreeRTOS-Plus-TCP Buffer Error Vulnerability

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP contained a buffer error vulnerability. This vulnerability stemmed from insufficient validation of the prefix length field during IPv6 router...

CVSS 8.1 | AI score 6 | EPSS 0.00246
Exploits 0 | References 1
Positive Technologies
added 2026/04/29 12:0 a.m. | 5 views

PT-2026-35980

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid...

CVSS 8.1 | AI score 5.9 | EPSS 0.00246
Exploits 0 | References 4
CNNVD
added 2026/04/29 12:0 a.m. | 12 views

FreeRTOS-Plus-TCP Security Vulnerability

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Security vulnerabilities existed in versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP. These vulnerabilities stemmed from insufficient data packet validation, allowing adjacent network participants...

CVSS 7.1 | AI score 5.8 | EPSS 0.00177
Exploits 0 | References 1
Positive Technologies
added 2026/04/29 12:0 a.m. | 8 views

PT-2026-35979

Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service device crash by sending a crafted Router Advertisement with a truncated PREFIX INFORMATION option that is small...

CVSS 6.5 | AI score 5.3 | EPSS 0.00233
Exploits 0 | References 4
CNNVD
added 2026/04/29 12:0 a.m. | 7 views

FreeRTOS-Plus-TCP Numeric Error Vulnerability

FreeRTOS-Plus-TCP is an extensible, open-source, and thread-safe TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.4.1 and V4.2.6 of FreeRTOS-Plus-TCP contained a numerical error vulnerability. This vulnerability stemmed from integer underflow in the DHCPv6 sub-option parser, whic...

CVSS 8.1 | AI score 5.8 | EPSS 0.00223
Exploits 0 | References 1
CNNVD
added 2026/04/29 12:0 a.m. | 10 views

FreeRTOS-Plus-TCP Buffer Error Vulnerability

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP contained a buffer error vulnerability. This vulnerability stemmed from insufficient option length validation in the IPv6 router advertisement...

CVSS 6.5 | AI score 6 | EPSS 0.00233
Exploits 0 | References 1
Positive Technologies
added 2026/04/29 12:0 a.m. | 9 views

PT-2026-35974

Name of the Vulnerable Software and Affected Versions: FreeRTOS-Plus-TCP versions prior to V4.4.1; FreeRTOS-Plus-TCP versions prior to V4.2.6. Description: An integer underflow exists in the ICMP and ICMPv6 echo reply handlers when outgoing ping support is enabled. This occurs because header sizes ar...

CVSS 6.5 | AI score 5.8 | EPSS 0.00221
Exploits 0 | References 8
Positive Technologies
added 2026/04/29 12:0 a.m. | 10 views

PT-2026-35973

Name of the Vulnerable Software and Affected Versions: FreeRTOS-Plus-TCP versions prior to 4.2.6; FreeRTOS-Plus-TCP versions prior to 4.4.1. Description: Insufficient packet validation allows an adjacent network actor to bypass checksum and minimum-size validation. This occurs because the loopback...

CVSS 7.1 | AI score 5.8 | EPSS 0.00177
Exploits 0 | References 7
GithubExploit
added 2026/02/26 9:1 a.m. | 149 views

Exploit for CVE-2025-5688

CVE-2025-5688 – FreeRTOS-Plus-TCP Out-of-Bounds Write Exploit...

CVSS 7.5 | AI score 6 | EPSS 0.00305
Exploits 1
RedhatCVE
added 2026/01/09 11:23 a.m. | 6 views

CVE-2021-31571

The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation...

CVSS 9.8 | AI score 7.2 | EPSS 0.01382
Exploits 0 | References 1
RedhatCVE
added 2025/10/13 9:26 a.m. | 8 views

CVE-2025-11618

A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...

CVSS 5.3 | AI score 7 | EPSS 0.00308
Exploits 0 | References 1
RedhatCVE
added 2025/10/13 7:21 a.m. | 4 views

CVE-2025-11617

A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving an IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and...

CVSS 5.4 | AI score 6.9 | EPSS 0.00279
Exploits 0 | References 1
NVD
added 2025/10/10 6:15 p.m. | 5 views

CVE-2025-11618

A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...

CVSS 5.3 | EPSS 0.00308
Exploits 0 | References 3