Vulnerability Details CVE-2021-33889
OpenThread wpantund through 2021-07-02 has a stack-based Buffer Overflow because of an inconsistency in the integer data type for metric_len.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.0%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.6
References
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0019/FEYE-2021-0019.md
- https://github.com/openthread/wpantund/issues/502
- https://github.com/openthread/wpantund/releases
- https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0019/FEYE-2021-0019.md
- https://github.com/openthread/wpantund/issues/502
- https://github.com/openthread/wpantund/releases
Products affected by CVE-2021-33889
-
cpe:2.3:a:openthread:wpantund:-
-
cpe:2.3:a:openthread:wpantund:2020-05-28
-
cpe:2.3:a:openthread:wpantund:2021-07-02