Lucene search
+L

259 matches found

cnnvd
cnnvd
added 2024/05/21 12:0 a.m.7 views

RTI Connext Professional 安全漏洞

RTI Connext Professional is a connectivity platform from RTI USA designed to meet the demanding requirements of the Industrial Internet of Things IIoT. A security vulnerability exists in RTI Connext Professional versions 5.3.1 through prior to 6.1.1, which stems from the presence of a buffer...

7.3CVSS7.5AI score0.00183EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/05/21 12:0 a.m.15 views

PT-2024-21114 · Real Time Innovations · Rti Connext Professional

Name of the Vulnerable Software and Affected Versions: RTI Connext Professional versions 5.3.1 through 6.1.0 Description: A buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected...

7.3CVSS8.1AI score0.00183EPSS
Exploits0References7
code423n4
code423n4
added 2022/06/19 12:0 a.m.22 views

Malicious Relayer Can Replay Execute Calldata On Different Chains Causing Double-Spend Issue

Lines of code Vulnerability details Proof-of-Concept This issue is only applicable for fast-transfer. Slow transfer would not have this issue because of the built-in fraud-proof mechanism in Nomad. First, the attacker will attempt to use Connext to send 1000 USDC from Ethereum domain to Optimism...

6.5AI score
Exploits0
code423n4
code423n4
added 2022/06/19 12:0 a.m.11 views

_handleExecuteTransaction may not working correctly on fee-on-transfer tokens. Moreover, if it is failed, fund may be locked forever.

Lines of code Vulnerability details Impact handleExecuteTransaction may not working correctly on fee-on-transfer tokens. As duplicated fee is applied to fee on transfer token when executing a arbitrary call message passing request. Moreover, the Executor contract increase allowance on that token...

7.4AI score
Exploits0
code423n4
code423n4
added 2022/06/19 12:0 a.m.11 views

Relayer Will Not Receive Any Fee If execute Reverts

Lines of code Vulnerability details Proof-of-Concept Connext relies on the relayer to trigger the BridgeFacet.execute function on the destination domain to initiate the token transfer and calldata execution processes. Relayers pay for the gas cost to trigger the execute function, and in return fo...

7.1AI score
Exploits0
code423n4
code423n4
added 2022/06/19 12:0 a.m.9 views

function removeRouter() in RouterFacet don't check that router has balance and don't transfer it, it just set router owner and recipient to 0x0 which can cause make router balance in danger or unavailable for router owner

Lines of code Vulnerability details Impact There are some security levels for router, like setting owner and recipient and when removeRouter is called this values set to 0x0 and router address become vulnerable. contract should transfer router balance to recipient before removing it. Proof of...

6.8AI score
Exploits0
code423n4
code423n4
added 2022/06/19 12:0 a.m.17 views

Router Owner Could Steal All The Funds Within SponsorVault

Lines of code Vulnerability details Proof-of-Concept Assume the following: For simplity sake, only two 2 routers exist within Connext. Gas, relayer, callback fees and slippage are ignored. An attacker owns Router A. Router A has 1,000,000 oUSDC on Optimism Domain/Chain Router B has only 100 oUSDC...

6.7AI score
Exploits0
code423n4
code423n4
added 2022/06/19 12:0 a.m.10 views

Router Owner Could Be Rugged By Admin

Lines of code Vulnerability details Proof-of-Concept Assume that Alice's router has large amount of liquidity inside. Assume that the Connext Admin decided to remove a router owned by Alice. The Connext Admin will call the RoutersFacet.removeRouter function, and all information related to Alice's...

6.6AI score
Exploits0
code423n4
code423n4
added 2022/06/19 12:0 a.m.20 views

Routers Are Not Enforced To Repay AAVE Portal Loan

Lines of code Vulnerability details Background AAVE Portal AAVE portal provides a trusted credit line that allows bridges to take on an unbacked position, and Connext intents to use this credit line to provide fast-liquidity for its users in the event the routers do not have sufficient liquidity...

6.7AI score
Exploits0
nvd
nvd
added 2022/05/05 5:15 p.m.34 views

CVE-2021-38433

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code...

7.8CVSS0.00546EPSS
Exploits0References2
osv
osv
added 2022/05/05 5:15 p.m.6 views

CVE-2021-38487

RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure...

9.1CVSS5.8AI score0.03334EPSS
Exploits0References3
osv
osv
added 2022/05/05 5:15 p.m.5 views

CVE-2021-38427

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code...

7.8CVSS7.6AI score0.00546EPSS
Exploits0References2
nvd
nvd
added 2022/05/05 5:15 p.m.22 views

CVE-2021-38427

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code...

7.8CVSS0.00546EPSS
Exploits0References2
nvd
nvd
added 2022/05/05 5:15 p.m.31 views

CVE-2021-38487

RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure...

9.1CVSS0.03334EPSS
Exploits0References3
nvd
nvd
added 2022/05/05 5:15 p.m.34 views

CVE-2021-38435

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow...

9.8CVSS0.01424EPSS
Exploits0References2
prion
prion
added 2022/05/05 5:15 p.m.19 views

Buffer overflow

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow...

7.5CVSS9.4AI score0.01424EPSS
Exploits0References2Affected Software2
prion
prion
added 2022/05/05 5:15 p.m.19 views

Stack overflow

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code...

4.6CVSS8.4AI score0.00546EPSS
Exploits0References2Affected Software2
prion
prion
added 2022/05/05 5:15 p.m.14 views

Stack overflow

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code...

4.6CVSS8.4AI score0.00546EPSS
Exploits0References2Affected Software2
prion
prion
added 2022/05/05 5:15 p.m.18 views

Design/Logic Flaw

RTI Connext DDS Professional, Connext DDS Secure versions 4.2x to 6.1.0, and Connext DDS Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information...

6.4CVSS8.9AI score0.03334EPSS
Exploits0References2Affected Software3
vulnrichment
vulnrichment
added 2022/05/05 3:27 p.m.13 views

CVE-2021-38435 RTI Connext DDS Professional and Connext DDS Secure Incorrect Calculation of Buffer Size

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow...

6.6CVSS7AI score0.01424EPSS
Exploits0References2
Rows per page
Query Builder