Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-os contiki vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-25111
An issue exists in the IPv6 stack in Contiki up to and including 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
Contiki-os Contiki-os
7.5
CVSSv2
CVE-2020-25112
An issue exists in the IPv6 stack in Contiki up to and including 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
Contiki-os Contiki-os
5
CVSSv2
CVE-2021-28362
An issue exists in Contiki up to and including 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are ...
Contiki-os Contiki
5
CVSSv2
CVE-2020-13984
An issue exists in Contiki up to and including 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.
Contiki-os Contiki
5
CVSSv2
CVE-2020-13986
An issue exists in Contiki up to and including 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.
Contiki-os Contiki
5
CVSSv2
CVE-2020-13985
An issue exists in Contiki up to and including 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.
Contiki-os Contiki
7.8
CVSSv2
CVE-2017-7295
An issue exists in Contiki Operating System 3.0. A use-after-free vulnerability exists in httpd-simple.c in cc26xx-web-demo httpd, where upon a connection close event, the http_state structure was not deallocated properly, resulting in a NULL pointer dereference in the output pro...
Contiki-os Contiki 3.0
4.3
CVSSv2
CVE-2017-7296
An issue exists in Contiki Operating System 3.0. A Persistent XSS vulnerability is present in the MQTT/IBM Cloud Config page (aka mqtt.html) of cc26xx-web-demo. The cc26xx-web-demo features a webserver that runs on a constrained device. That particular page allows a user to remot...
Contiki-os Contiki 3.0
5
CVSSv2
CVE-2021-38387
In Contiki 3.0, a Telnet server that silently quits (before disconnection with clients) leads to connected clients entering an infinite loop and waiting forever, which may cause excessive CPU consumption.
Contiki-os Contiki 3.0
4.3
CVSSv2
CVE-2021-38311
In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of serv...
Contiki-os Contiki 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »