30 matches found
OESA-2026-2808 radvd security update
The router advertisement daemon radvd is run by Linux or BSD systems acting as IPv6 routers. It sends Router Advertisement messages, specified by RFC 2461, to a local Ethernet LAN periodically and when requested by a node sending a Router Solicitation message. These messages are required for IPv6...
OESA-2026-2807 radvd security update
The router advertisement daemon radvd is run by Linux or BSD systems acting as IPv6 routers. It sends Router Advertisement messages, specified by RFC 2461, to a local Ethernet LAN periodically and when requested by a node sending a Router Solicitation message. These messages are required for IPv6...
CVE-2026-48715
radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, printff copies up to 2032 bytes from attacker-controlled...
EUVD-2011-3562
Malware in sbrugna...
EUVD-2011-3560
Malware in sbrugna...
CVE-2023-32154
CVE-2023-32154 affects MikroTik RouterOS and its Router Advertisement Daemon (RADVD). The vulnerability is an out-of-bounds write caused by insufficient validation of user-supplied data, enabling network-adjacent attackers to execute code with root privileges. Exploitation requires no authenticat...
CVE-2023-32154 Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability
Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists...
MikroTik RouterOS 安全漏洞
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in PCs to enable them to provide router functionality. MikroTik RouterOS suffers from a security vulnerability that stems from the presence of an out-of-bounds write to...
The vulnerability of the radvd (Router Advertisement Daemon) component of the RouterOS operating system in MikroTik routers allows a hacker to execute arbitrary code.
The vulnerability of the radvd Router Advertisement Daemon component of the RouterOS operating system in MikroTik routers stems from the operation of writing data beyond the buffer in memory when processing data entered by the user. Exploiting this vulnerability allows a remote attacker to execut...
(0Day) (Pwn2Own) Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Router Advertisement Daemon. The issue results from the lack of proper...
SUSE CVE-2011-3604
The processra function in the router advertisement daemon radvd before 1.8.2 allows remote attackers to cause a denial of service stack-based buffer over-read and crash via unspecified vectors...
PT-2022-6614 · Mikrotik · Mikrotik Routeros
Name of the Vulnerable Software and Affected Versions: Mikrotik RouterOS affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. No authentication is required to exploit this vulnerability...
CVE-2011-3602
Directory traversal vulnerability in device-linux.c in the router advertisement daemon radvd before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. dot dot in an interface name. NOTE: this can be leveraged with a symlink to overwrit...
CVE-2011-3603
The router advertisement daemon radvd before 1.8.2 does not properly handle errors in the privsepinit function, which causes the radvd daemon to run as root and has an unspecified impact...
DEBIAN-CVE-2011-3602
Directory traversal vulnerability in device-linux.c in the router advertisement daemon radvd before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. dot dot in an interface name. NOTE: this can be leveraged with a symlink to overwrit...
Code injection
The router advertisement daemon radvd before 1.8.2 does not properly handle errors in the privsepinit function, which causes the radvd daemon to run as root and has an unspecified impact...
CVE-2011-3603
The router advertisement daemon radvd before 1.8.2 does not properly handle errors in the privsepinit function, which causes the radvd daemon to run as root and has an unspecified impact...
CVE-2011-3603
The router advertisement daemon radvd before 1.8.2 does not properly handle errors in the privsepinit function, which causes the radvd daemon to run as root and has an unspecified impact...
CVE-2011-3603
The CVE-2011-3603 issue affects the router advertisement daemon (radvd) prior to version 1.8.2. The root cause is improper error handling in privsep_init, which can cause radvd to run with root privileges, leading to a partial confidentiality/integrity/availability impact as described (and noted ...
CVE-2011-3602
CVE-2011-3602 is a directory traversal vulnerability in the router advertisement daemon, radvd, affecting radvd before 1.8.2. An attacker can exploit an interface name containing a “..” to overwrite arbitrary files, and this can be leveraged with a symlink to overwrite additional files. The issue...