Skip to main content

Freertos Plus Tcp

6 CVEs product

Monthly

CVE-2026-7426 MEDIUM PATCH This Month

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid length, resulting in a heap buffer overflow. Users processing IPv4 RA only are not impacted. To mitigate this issue, users should upgrade to the fixed version when available.

Buffer Overflow Memory Corruption Freertos Plus Tcp
NVD GitHub VulDB
CVSS 4.0
6.1
EPSS
0.0%
CVE-2026-7425 MEDIUM PATCH This Month

Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smaller than the expected structure size. To mitigate this issue, users should upgrade to the fixed version when available.

Buffer Overflow Information Disclosure Denial Of Service Freertos Plus Tcp
NVD GitHub VulDB
CVSS 4.0
6.0
EPSS
0.0%
CVE-2026-7424 HIGH PATCH This Week

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze requiring hardware reset) by sending a single crafted DHCPv6 packet. The issue is present whenever DHCPv6 is enabled. To mitigate this issue, users should upgrade to version V4.2.6 or V4.4.1 or newer.

Integer Overflow Denial Of Service Freertos Plus Tcp
NVD GitHub VulDB
CVSS 4.0
7.2
EPSS
0.0%
CVE-2026-7423 MEDIUM PATCH This Month

Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without validating the field is large enough, resulting in a heap out-of-bounds read of up to approximately 65KB. To mitigate this issue, users should upgrade to the fixed version when available.

Buffer Overflow Integer Overflow Denial Of Service Freertos Plus Tcp
NVD GitHub VulDB
CVSS 4.0
6.0
EPSS
0.0%
CVE-2026-7422 HIGH PATCH This Week

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection mechanism skips all input validation for packets whose source MAC matches a local endpoint. To mitigate this issue, users should upgrade to the fixed version when available.

Authentication Bypass Freertos Plus Tcp
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2024-38373 HIGH This Week

FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Freertos Plus Tcp
NVD GitHub
CVSS 3.1
8.1
EPSS
0.6%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid length, resulting in a heap buffer overflow. Users processing IPv4 RA only are not impacted. To mitigate this issue, users should upgrade to the fixed version when available.

Buffer Overflow Memory Corruption Freertos Plus Tcp
NVD GitHub VulDB
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smaller than the expected structure size. To mitigate this issue, users should upgrade to the fixed version when available.

Buffer Overflow Information Disclosure Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze requiring hardware reset) by sending a single crafted DHCPv6 packet. The issue is present whenever DHCPv6 is enabled. To mitigate this issue, users should upgrade to version V4.2.6 or V4.4.1 or newer.

Integer Overflow Denial Of Service Freertos Plus Tcp
NVD GitHub VulDB
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without validating the field is large enough, resulting in a heap out-of-bounds read of up to approximately 65KB. To mitigate this issue, users should upgrade to the fixed version when available.

Buffer Overflow Integer Overflow Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection mechanism skips all input validation for packets whose source MAC matches a local endpoint. To mitigate this issue, users should upgrade to the fixed version when available.

Authentication Bypass Freertos Plus Tcp
NVD GitHub VulDB
EPSS 1% CVSS 8.1
HIGH This Week

FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Freertos Plus Tcp
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy