Treck: >> Tcp/ip >> 6.0.1.66 Security Vulnerabilities
A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.
CVSS Score
10.0
EPSS Score
0.037
Published
2020-12-22
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
CVSS Score
5.3
EPSS Score
0.157
Published
2020-06-02