Skip to main content

Accel Ppp

3 CVEs product

Monthly

CVE-2022-0982 CRITICAL Act Now

The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Accel Ppp
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-42054 HIGH POC This Week

ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Accel Ppp
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-15173 CRITICAL PATCH Act Now

In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Accel Ppp
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
EPSS 1% CVSS 9.8
CRITICAL Act Now

The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Accel Ppp
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Accel Ppp
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Accel Ppp
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy