CRITICAL🇬🇧 English

CVE-2020-28194

CVSS 9.8v3.1pub. 2021-02-01upd. 2024-11-21

Variable underflow exists in accel-ppp radius/packet.c when receiving a RADIUS vendor-specific attribute with length field is less than 2. It has an impact only when the attacker controls the RADIUS server, which can lead to arbitrary code execution.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Accel Ppp

    APP
    Accel-Ppp
    < 1.12.0-e9d369a
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2022-0982CRITICAL9.8ten sam produkt

The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerabili...

CVE-2022-24704CRITICAL9.8ten sam produkt

The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerabilit...

CVE-2022-24705CRITICAL9.8ten sam produkt

The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-...

CVE-2021-42870HIGH7.5ten sam produkt

ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request.

CVE-2021-42054HIGH7.5ten sam produkt

ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication...

CVE-2020-28194 — CRITICAL 9.8 | CVEbaza.pl