Treck Tcp Ip vulnerabilities

21 known vulnerabilities affecting treck/tcp_ip.

Total CVEs

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL5HIGH3MEDIUM13

Vulnerabilities

Page 1 of 2

CVE-2020-25066CRITICALCVSS 9.8fixed in 6.0.1.682020-12-22

CVE-2020-25066 [CRITICAL] CWE-787 CVE-2020-25066: A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attack A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.

nvd

CVE-2020-11898CRITICALCVSS 9.1fixed in 6.0.1.662020-06-17

CVE-2020-11898 [CRITICAL] CWE-119 CVE-2020-11898: The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsiste The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak.

nvd

CVE-2020-11896CRITICALCVSS 10.0fixed in 6.0.1.662020-06-17

CVE-2020-11896 [CRITICAL] CWE-119 CVE-2020-11896: The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.

nvd

CVE-2020-11901CRITICALCVSS 9.0fixed in 6.0.1.662020-06-17

CVE-2020-11901 [CRITICAL] CWE-125 CVE-2020-11901: The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS respons The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.

nvd

CVE-2020-11897CRITICALCVSS 10.0fixed in 5.0.1.352020-06-17

CVE-2020-11897 [CRITICAL] CWE-787 CVE-2020-11897: The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packet The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.

nvd

CVE-2020-11904HIGHCVSS 7.3fixed in 6.0.1.662020-06-17

CVE-2020-11904 [HIGH] CWE-190 CVE-2020-11904: The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write.

nvd

CVE-2020-11900HIGHCVSS 8.2fixed in 6.0.1.412020-06-17

CVE-2020-11900 [HIGH] CWE-415 CVE-2020-11900: The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free. The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.

nvd

CVE-2020-11902HIGHCVSS 7.3fixed in 6.0.1.662020-06-17

CVE-2020-11902 [HIGH] CWE-125 CVE-2020-11902: The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read. The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.

nvd

CVE-2020-11914MEDIUMCVSS 4.3fixed in 6.0.1.662020-06-17

CVE-2020-11914 [MEDIUM] CWE-125 CVE-2020-11914: The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read. The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.

nvd

CVE-2020-11906MEDIUMCVSS 6.3fixed in 6.0.1.662020-06-17

CVE-2020-11906 [MEDIUM] CWE-191 CVE-2020-11906: The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow. The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.

nvd

CVE-2020-11913MEDIUMCVSS 5.3fixed in 6.0.1.662020-06-17

CVE-2020-11913 [MEDIUM] CWE-125 CVE-2020-11913: The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.

nvd

CVE-2020-11910MEDIUMCVSS 5.3Exploitedfixed in 6.0.1.662020-06-17

CVE-2020-11910 [MEDIUM] CWE-125 CVE-2020-11910: The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read. The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read.

nvd

CVE-2020-11899MEDIUMCVSS 5.4KEVfixed in 6.0.1.662020-06-17

CVE-2020-11899 [MEDIUM] CWE-125 CVE-2020-11899: The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.

nvd

CVE-2020-11912MEDIUMCVSS 5.3fixed in 6.0.1.662020-06-17

CVE-2020-11912 [MEDIUM] CWE-125 CVE-2020-11912: The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read. The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.

nvd

CVE-2020-11909MEDIUMCVSS 5.3fixed in 6.0.1.662020-06-17

CVE-2020-11909 [MEDIUM] CWE-191 CVE-2020-11909: The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow. The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.

nvd

CVE-2020-11911MEDIUMCVSS 5.3fixed in 6.0.1.662020-06-17

CVE-2020-11911 [MEDIUM] CWE-732 CVE-2020-11911: The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control. The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control.

nvd

CVE-2020-11905MEDIUMCVSS 6.5fixed in 6.0.1.662020-06-17

CVE-2020-11905 [MEDIUM] CWE-125 CVE-2020-11905: The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read. The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.

nvd

CVE-2020-11903MEDIUMCVSS 6.5fixed in 6.0.1.282020-06-17

CVE-2020-11903 [MEDIUM] CWE-125 CVE-2020-11903: The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read. The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read.

nvd

CVE-2020-11908MEDIUMCVSS 4.3fixed in 4.7.1.272020-06-17

CVE-2020-11908 [MEDIUM] CVE-2020-11908: The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP. The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP.

nvd

CVE-2020-11907MEDIUMCVSS 6.3fixed in 6.0.1.662020-06-17

CVE-2020-11907 [MEDIUM] CVE-2020-11907: The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP. The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP.

nvd

1 / 2Next →