Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-os contiki 3.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-7295
An issue exists in Contiki Operating System 3.0. A use-after-free vulnerability exists in httpd-simple.c in cc26xx-web-demo httpd, where upon a connection close event, the http_state structure was not deallocated properly, resulting in a NULL pointer dereference in the output pro...
Contiki-os Contiki 3.0
7.5
CVSSv3
CVE-2021-38311
In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of serv...
Contiki-os Contiki 3.0
6.1
CVSSv3
CVE-2017-7296
An issue exists in Contiki Operating System 3.0. A Persistent XSS vulnerability is present in the MQTT/IBM Cloud Config page (aka mqtt.html) of cc26xx-web-demo. The cc26xx-web-demo features a webserver that runs on a constrained device. That particular page allows a user to remot...
Contiki-os Contiki 3.0
7.5
CVSSv3
CVE-2021-40523
In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the WILL/WONT or DO/DONT response for DO and WILL commands because of improper handling of exception condition, which leads to property violation...
Contiki-os Contiki 3.0
7.5
CVSSv3
CVE-2021-38386
In Contiki 3.0, a buffer overflow in the Telnet service allows remote malicious users to cause a denial of service because the ls command is mishandled when a directory has many files with long names.
Contiki-os Contiki 3.0
7.5
CVSSv3
CVE-2021-38387
In Contiki 3.0, a Telnet server that silently quits (before disconnection with clients) leads to connected clients entering an infinite loop and waiting forever, which may cause excessive CPU consumption.
Contiki-os Contiki 3.0
9.8
CVSSv3
CVE-2020-25112
An issue exists in the IPv6 stack in Contiki up to and including 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
Contiki-os Contiki-os
9.8
CVSSv3
CVE-2020-25111
An issue exists in the IPv6 stack in Contiki up to and including 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
Contiki-os Contiki-os
7.5
CVSSv3
CVE-2020-13984
An issue exists in Contiki up to and including 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.
Contiki-os Contiki
7.5
CVSSv3
CVE-2020-13986
An issue exists in Contiki up to and including 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.
Contiki-os Contiki
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »