Treck: Security Vulnerabilities
The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP.
CVSS Score
4.3
EPSS Score
0.006
Published
2020-06-17
The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.
CVSS Score
5.3
EPSS Score
0.021
Published
2020-06-17
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.
CVSS Score
10.0
EPSS Score
0.339
Published
2020-06-17
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
CVSS Score
5.3
EPSS Score
0.2
Published
2020-06-02
Page 3