cbcvebase.
CVE-2014-3931
published 2017-03-31

CVE-2014-3931: fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption.

PriorityP182critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2025-07-28
Exploited in the wild
EPSS
26.57%
97.8th percentile
fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption.

Affected

1 ranges
VendorProductVersion rangeFixed in
multi-router_looking_glass_projectmulti-router_looking_glass<= 5.4.1

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerable component is fastping.c in MRLG (Multi-Router Looking Glass) before version 5.5.0; monitor for exploitation attempts targeting this component via network-facing MRLG instances
  • Detect buffer overflow exploitation attempts against publicly exposed Multi-Router Looking Glass (MRLG) services; anomalous memory write patterns or crashes in MRLG processes may indicate active exploitation
  • ·MRLG instances prior to version 5.5.0 are vulnerable; upgrade to 5.5.0 or later per vendor instructions at the referenced project URL
  • ·CISA mandates remediation by 2025-07-28; if mitigations are unavailable, discontinue use of the product

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck9.8CRITICAL
cisa9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.