Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frrouting frrouting vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-15865
bgpd in FRRouting (FRR) prior to 2.0.2 and 3.x prior to 3.0.2, as used in Cumulus Linux prior to 3.4.3 and other products, allows remote malicious users to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a...
Frrouting Frrouting 3.0
Frrouting Frrouting
Frrouting Frrouting 3.0.1
6.5
CVSSv3
CVE-2019-5892
bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x prior to 3.0.4, 4.x prior to 4.0.1, 5.x prior to 5.0.2, and 6.x prior to 6.0.2 (not affecting Cumulus Linux or VyOS), when ENABLE_BGP_VNC is used for Virtual Network Control, allows remote malicious users to cause a denia...
Frrouting Frrouting
Frrouting Frrouting 4.0
9.8
CVSSv3
CVE-2023-38406
bgpd/bgp_flowspec.c in FRRouting (FRR) prior to 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
Frrouting Frrouting
7.5
CVSSv3
CVE-2023-38407
bgpd/bgp_label.c in FRRouting (FRR) prior to 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.
Frrouting Frrouting
7.5
CVSSv3
CVE-2023-3748
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an malicious user to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub...
Frrouting Frrouting
5.9
CVSSv3
CVE-2023-46752
An issue exists in FRRouting FRR up to and including 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.
Frrouting Frrouting
5.9
CVSSv3
CVE-2023-46753
An issue exists in FRRouting FRR up to and including 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.
Frrouting Frrouting
7.5
CVSSv3
CVE-2023-47234
An issue exists in FRRouting FRR up to and including 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).
Frrouting Frrouting
7.5
CVSSv3
CVE-2023-47235
An issue exists in FRRouting FRR up to and including 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome.
Frrouting Frrouting
7.8
CVSSv3
CVE-2022-26125
Buffer overflow vulnerabilities exist in FRRouting up to and including 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.
Frrouting Frrouting
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »