The DNS feature in InterNiche... CVE-2020-25928

7.5 AV AC AU C I A
发布: 2021-08-18
修订: 2024-11-21

The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: DNS response processing functions: dns_upcall(), getoffset(), dnc_set_answer(). The attack vector is: a specific DNS response packet. The code does not check the "response data length" field of individual DNS answers, which may cause out-of-bounds read/write operations, leading to Information leak, Denial-or-Service, or Remote Code Execution, depending on the context.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息