136 matches found
Authentication flaw
There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...
CVE-2023-2626 Authentication Bypass in OpenThread Boarder Router devices
There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...
CVE-2023-2626
CVE-2023-2626 (OpenThread border router) : Authentication bypass allowing unauthenticated nodes to craft radio frames via a fixed “Key ID Mode 2” encryption key, enabling arbitrary IPv6 packets to be sent to and from devices on the LAN through the Thread network. Documented impact: bypass of secu...
CVE-2023-2626 Authentication Bypass in OpenThread Boarder Router devices
There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...
PT-2023-20568 · Unknown · Openthread
Name of the Vulnerable Software and Affected Versions: OpenThread border router devices and implementations affected versions not specified Description: The issue is an authentication bypass vulnerability that allows unauthenticated nodes to craft radio frames using a special mode called Key ID...
Google OpenThread Buffer Overflow Vulnerability
Google OpenThread is an open source implementation of the Thread networking protocol from Google USA. A buffer overflow vulnerability exists in OpenThread wpantund, which stems from an error in the handling of shaped data in the metriclen function. No details of the vulnerability are available at...
CVE-2021-33889
OpenThread wpantund through 2021-07-02 has a stack-based Buffer Overflow because of an inconsistency in the integer data type for metriclen...
CVE-2021-33889
OpenThread wpantund through 2021-07-02 has a stack-based Buffer Overflow because of an inconsistency in the integer data type for metriclen...
Stack overflow
OpenThread wpantund through 2021-07-02 has a stack-based Buffer Overflow because of an inconsistency in the integer data type for metriclen...
CVE-2021-33889
OpenThread wpantund through 2021-07-02 has a stack-based Buffer Overflow because of an inconsistency in the integer data type for metriclen...
CVE-2021-33889
CVE-2021-33889 – OpenThread wpantund buffer overflow caused by an inconsistency in the integer data type for metric_len, leading to a stack-based overflow. Affected component: OpenThread wpantund. According to connected disclosures, this is a buffer overflow vulnerability with potential impact on...
Google OpenThread 缓冲区错误漏洞
Google OpenThread is an open source implementation of the Thread networking protocol from Google USA. A buffer overflow vulnerability exists in OpenThread wpantund, which stems from an error in the handling of shaped data in the metriclen function. No details of the vulnerability are available at...
openthread:ncp-uart-received-fuzzer: Memcpy-param-overlap in ot::Message::Write
Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5748343379329024 Project: openthread Fuzzing Engine: honggfuzz Fuzz Target: ncp-uart-received-fuzzer Job Type: honggfuzzasanopenthread Platform Id: linux Crash Type: Memcpy-param-overlap Crash...
Openthread wpantund memory leak vulnerability
Openthread wpantund is a user-space network interface daemon. A security vulnerability exists in Openthread wpantund. An attacker could exploit this vulnerability to cause a service crash denial of service...
CVE-2020-8916
A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver eg: debug environments can allow an attacker to crash the service DoS. We recommend updating, or to...
CVE-2020-8916
A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver eg: debug environments can allow an attacker to crash the service DoS. We recommend updating, or to...
Memory corruption
A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver eg: debug environments can allow an attacker to crash the service DoS. We recommend updating, or to...
CVE-2020-8916
CVE-2020-8916 describes a memory-leak in OpenThread’s wpantund (versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7) when used in environments where wpanctl directly interfaces with the control driver. This can allow an attacker to crash the service (DoS). Affected component: wpantund ...
CVE-2020-8916 Memory leak in wpanctl can lead to DoS
A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver eg: debug environments can allow an attacker to crash the service DoS. We recommend updating, or to...
openthread:ncp-uart-received-fuzzer: Stack-buffer-overflow in ot::NetworkData::PrefixTlv::GetPrefixLength
Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5416643298852864 Project: openthread Fuzzing Engine: libFuzzer Fuzz Target: ncp-uart-received-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow READ...