lwip-2026-pocs

lwip-2026-pocs Proof-of-concept exploits from the xchglabs...

PT-2025-51236

A security issue was found in the IPv6 stack in the Micro850 and Micro870 controllers when the controllers received multiple malformed packets during fuzzing. The controllers will go into recoverable fault with fault code 0xFE60. To recover the controller, clear the fault...

Eclipse ThreadX NetX Duo 安全漏洞

Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A security vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.4, which stems from a potential out-of-bounds read issue in the nxipv4packetreceive function when receiving Ethernet...

SUSE CVE-2016-7039

The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a relat...

Suricata 缓冲区错误漏洞

Suricata is a network intrusion detection system IDS, intrusion prevention system IPS, and network security monitoring engine developed by the Open Information Security Foundation OISF and its supporting vendors, which supports multi-threading, built-in IPv6, and the ability to load pre-defined...

lwip 安全漏洞

lwip is an open source TCP/IP stack implementation. A security vulnerability exists in lwIP that allows an attacker to exploit the vulnerability to access sensitive information via a crafted 6LoWPAN packet...

Input validation vulnerability in multiple Huawei products

Huawei S2300 and others are switching devices from Huawei in China.IP stack is one of the transport protocols. A security vulnerability exists in the IP stack of several Huawei products, which stems from the failure of the message processing module to correctly determine the IP option length. The...

Denial of Service Vulnerability in Schneider M218 TCP/IP Stack

The Modicon M218 is a compact programmable logic controller manufactured by Schneider Electric of France. A denial of service vulnerability exists in the Schneider Electric M218 TCP/IP stack, where an IP message with an abnormal IP header 0 in the IPTotalLength field and 6 in the IPProtocol field...

Land Attack Vulnerability in Schneider 140NOE77101 Ethernet Module

The 40NOE77101 is an Ethernet communication module for Schneider's Quantum series PLCs. A Land attack vulnerability exists in the TCP/IP stack of the Schneider 140NOE77101 Ethernet module. Since the program sends TCP SYN messages with the same source and destination IP both IP addresses of the...

Linux kernel IP stack denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the IP stack in Linux kernel 4.5.7 and earlier versions. A remote attacker could exploit this vulnerability to cause a denial of service...