CVE-2026-8836

A flaw was found in lwIP. A remote attacker can exploit a stack-based buffer overflow vulnerability in the snmpparseinboundframe function within the SNMPv3 User-based Security Model USM Handler. By manipulating specific authentication parameters, an attacker could potentially achieve arbitrary co...

UBUNTU-CVE-2026-8836

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

CVE-2026-8836 lwIP snmpv3 USM snmp_msg.c snmp_parse_inbound_frame stack-based overflow

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

CVE-2026-8836

Summary: lwIP up to 2.2.1 contains a vulnerability in the SNMPv3 USM handler. The issue is in the function snmp_parse_inbound_frame (file: src/apps/snmp/snmp_msg.c) where manipulating msgAuthenticationParameters can cause a stack-based buffer overflow. The attack is potentially remote. A patch is...

CVE-2026-8836

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

PT-2026-41721

Name of the Vulnerable Software and Affected Versions lwIP versions prior to 2.2.2 Description A stack-based buffer overflow exists in the snmpv3 USM Handler component. A remote attacker can trigger this issue by manipulating the msgAuthenticationParameters argument within the snmp parse inbound...

PT-2025-2989 · Lwip · Lwip

Name of the Vulnerable Software and Affected Versions: lwip affected versions not specified Description: The issue is related to a possible out of bounds write due to an integer overflow in the prepare response function of lwis periodic io.c. This could lead to local escalation of privilege with ...

Third party vulnerabilities in SICK CDE-100

The SICK CDE-100 uses the open-source libraries FreeRTOS, lwIP and MCU Boot. The used libraries contain vulnerabilities that affect the SICK CDE-100...

DEBIAN-CVE-2020-22284

A buffer overflow vulnerability in the zepiflinkoutput function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6LoWPAN packet...

UBUNTU-CVE-2020-22284

A buffer overflow vulnerability in the zepiflinkoutput function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6LoWPAN packet...

lwip 安全漏洞

lwip is an open source TCP/IP stack implementation. A security vulnerability exists in lwIP that allows an attacker to exploit the vulnerability to access sensitive information via a crafted 6LoWPAN packet...