Skip to main content

Echo Mate CVE-2026-4736

| EUVDEUVD-2026-14705 HIGH
Improper Handling of Values (CWE-229)
2026-03-24 GovTech CSG GHSA-j843-m256-pf25
7.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.3 HIGH
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Amber

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Amber
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
N

Lifecycle Timeline

4
EUVD ID Assigned
Mar 24, 2026 - 03:30 euvd
EUVD-2026-14705
Analysis Generated
Mar 24, 2026 - 03:30 vuln.today
Patch released
Mar 24, 2026 - 03:30 nvd
Patch available
CVE Published
Mar 24, 2026 - 03:11 nvd
HIGH 7.3

DescriptionCVE.org

Improper Handling of Values vulnerability in No-Chicken Echo-Mate (SDK/rv1106-sdk/sysdrv/source/kernel/include/net/netfilter modules). This vulnerability is associated with program files nf_tables.H‎, nft_byteorder.C‎, nft_meta.C‎.

This issue affects Echo-Mate: before V250329.

AnalysisAI

Improper handling of values in the netfilter modules of Echo-Mate SDK versions before V250329 allows local attackers with low privileges to achieve high-impact confidentiality, integrity, and availability violations through manipulation of nf_tables, nft_byteorder, or nft_meta components. The vulnerability requires local access and specific conditions to exploit but poses significant risk to system security with confirmed patch availability.

Technical ContextAI

The vulnerability resides in the Echo-Mate SDK's netfilter subsystem implementation within the Linux kernel include files. Specifically, the affected modules handle packet filtering and byte-order operations in the nftables framework. CWE-229 (Improper Handling of Values) indicates that the code fails to properly validate, sanitize, or process values before use, which in the context of netfilter operations could allow improper access to packet metadata or filter state. The CPE identifier cpe:2.3:a:no-chicken:echo-mate:*:*:*:*:*:*:*:* confirms the vulnerability spans all versions of Echo-Mate prior to the patched release V250329. Netfilter is a core kernel subsystem responsible for network packet processing, making this a privileged-level component.

RemediationAI

Upgrade No-Chicken Echo-Mate to version V250329 or later immediately, as the patch is available from the vendor. The recommended approach is to pull the latest changes from the official repository, particularly the netfilter module fixes, and rebuild the SDK. For systems unable to patch immediately, restrict network access to Echo-Mate deployments to trusted internal networks only, and apply additional packet filtering rules at the network boundary to limit exposure of any information disclosure vectors. Review the patch details at https://github.com/No-Chicken/Echo-Mate/pull/8 to understand the specific fixes applied. Post-upgrade, test the netfilter functionality in a staging environment before production deployment.

Share

CVE-2026-4736 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy