cbcvebase.

Broadcom Tcpreplay vulnerabilities

51 known vulnerabilities affecting broadcom/tcpreplay.

Total CVEs
51
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH33MEDIUM16

Vulnerabilities

Page 3 of 3
CVE-2025-9384P4MEDIUMCVSS 5.5≤ 4.5.12025-08-24
CVE-2025-9384 [MEDIUM] CWE-404 CVE-2025-9384: A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 4.5.2-beta2 is recommended to address this
nvdosv
CVE-2025-9385P4MEDIUMCVSS 5.5≤ 4.5.12025-08-24
CVE-2025-9385 [MEDIUM] CWE-119 CVE-2025-9385: A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fi
nvdosv
CVE-2018-17974P4MEDIUMCVSS 5.5v4.3.02018-10-03
CVE-2018-17974 [MEDIUM] CWE-125 CVE-2018-17974: An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure
nvdosv
CVE-2020-18976P4MEDIUMCVSS 5.5v4.3.22021-08-25
CVE-2020-18976 [MEDIUM] CVE-2020-18976: Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checks Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than CVE-2019-8381.
nvdosv
CVE-2020-23273P4MEDIUMCVSS 5.5v4.3.22021-09-22
CVE-2020-23273 [MEDIUM] CWE-787 CVE-2020-23273: Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows at Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap.
nvdosv
CVE-2023-4256P4MEDIUMCVSS 5.5v4.4.3v4.4.42023-12-21
CVE-2023-4256 [MEDIUM] CWE-415 CVE-2023-4256: Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cl Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.
nvdosv
CVE-2018-18407P4MEDIUMCVSS 5.5v4.3.02018-10-17
CVE-2018-18407 [MEDIUM] CWE-125 CVE-2018-18407: A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.
nvdosv
CVE-2022-27939P4MEDIUMCVSS 5.5v4.4.12022-03-26
CVE-2022-27939 [MEDIUM] CWE-617 CVE-2022-27939: tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
nvdosv
CVE-2021-45387P4MEDIUMCVSS 5.5v4.3.42022-02-11
CVE-2021-45387 [MEDIUM] CWE-617 CVE-2021-45387: tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c. tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
nvdosv
CVE-2021-45386P4MEDIUMCVSS 5.5v4.3.42022-02-11
CVE-2021-45386 [MEDIUM] CWE-617 CVE-2021-45386: tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
nvdosv
CVE-2022-25484P4MEDIUMCVSS 5.5v4.4.12022-03-22
CVE-2022-25484 [MEDIUM] CWE-617 CVE-2022-25484: tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1.
nvdosv
Broadcom Tcpreplay vulnerabilities | cvebase