Skip to main content

Open Tftp Server

3 CVEs product

Monthly

CVE-2020-26130 HIGH POC This Week

Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Open Tftp Server
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-12568 CRITICAL PATCH Act Now

Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow RCE Memory Corruption Open Tftp Server
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2019-12567 CRITICAL PATCH Act Now

Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow RCE Memory Corruption Open Tftp Server
NVD
CVSS 3.1
9.8
EPSS
2.3%
EPSS 0% CVSS 7.8
HIGH POC This Week

Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Open Tftp Server
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow RCE +2
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow RCE +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy