📦

tcp\/ip

Vendor: treck

Login to add this product to WatchStack
Actively Exploited 1 CISA KEV List
PoC / Exploits 3 Code Available
Total RCEs 3 Remote Access
Total CVEs 21 Total Indexed
Avg. EPSS 10.45% Exploit Prob.
Latest CVE CVE-2020-25066 Dec 22

Security Vulnerability Index

Page 2 / 3
6.5 CVSS
CVE-2020-11905

The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.

EPSS: 0.57%
7.3 CVSS
CVE-2020-11904

The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write.

EPSS: 3.44%
6.5 CVSS
CVE-2020-11903

The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read.

EPSS: 0.71%
7.3 CVSS
CVE-2020-11902

The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.

EPSS: 5.06%
9.0 CVSS
CVE-2020-11901
RCE Exploit Found

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.

EPSS: 29.01%
8.2 CVSS
CVE-2020-11900

The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.

EPSS: 7.85%
5.4 CVSS
CVE-2020-11899

The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.

EPSS: 35.27%
9.1 CVSS
CVE-2020-11898

The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak.

EPSS: 57.97%
10.0 CVSS
CVE-2020-11897
RCE Exploit Found

The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.

EPSS: 1.84%
10.0 CVSS
CVE-2020-11896
RCE Exploit Found

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.

EPSS: 42.88%