📦

tcp\/ip

Vendor: treck

Actively Exploited 1 CISA KEV List

PoC / Exploits 3 Code Available

Total RCEs 3 Remote Access

Total CVEs 21 Total Indexed

Avg. EPSS 10.45% Exploit Prob.

Latest CVE CVE-2020-25066 Dec 22

Security Vulnerability Index

Page 1 / 3

10.0 CVSS

CVE-2020-25066

A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.

EPSS: 3.75%

Severity: CRITICAL

Dec 22, 2020

4.3 CVSS

CVE-2020-11914

The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.

EPSS: 0.51%

Severity: MEDIUM

Jun 17, 2020

5.3 CVSS

CVE-2020-11913

The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.

EPSS: 3.18%

Severity: MEDIUM

Jun 17, 2020

5.3 CVSS

CVE-2020-11912

The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.

EPSS: 1.54%

Severity: MEDIUM

Jun 17, 2020

5.3 CVSS

CVE-2020-11911

The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control.

EPSS: 2.94%

Severity: MEDIUM

Jun 17, 2020

5.3 CVSS

CVE-2020-11910

The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read.

EPSS: 2.93%

Severity: MEDIUM

Jun 17, 2020

5.3 CVSS

CVE-2020-11909

The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.

EPSS: 2.43%

Severity: MEDIUM

Jun 17, 2020

4.3 CVSS

CVE-2020-11908

The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP.

EPSS: 0.56%

Severity: MEDIUM

Jun 17, 2020

6.3 CVSS

CVE-2020-11907

The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP.

EPSS: 1.09%

Severity: MEDIUM

Jun 17, 2020

6.3 CVSS

CVE-2020-11906

The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.

EPSS: 0.80%

Severity: MEDIUM

Jun 17, 2020

Displaying 10 of 21 Total Entries

1 2 3

Total 3 Sections