Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-os contiki vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-25111
An issue exists in the IPv6 stack in Contiki up to and including 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
Contiki-os Contiki-os
668
VMScore
CVE-2020-25112
An issue exists in the IPv6 stack in Contiki up to and including 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
Contiki-os Contiki-os
445
VMScore
CVE-2020-13984
An issue exists in Contiki up to and including 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.
Contiki-os Contiki
445
VMScore
CVE-2020-13985
An issue exists in Contiki up to and including 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.
Contiki-os Contiki
445
VMScore
CVE-2020-13986
An issue exists in Contiki up to and including 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.
Contiki-os Contiki
445
VMScore
CVE-2021-28362
An issue exists in Contiki up to and including 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are ...
Contiki-os Contiki
694
VMScore
CVE-2017-7295
An issue exists in Contiki Operating System 3.0. A use-after-free vulnerability exists in httpd-simple.c in cc26xx-web-demo httpd, where upon a connection close event, the http_state structure was not deallocated properly, resulting in a NULL pointer dereference in the output pro...
Contiki-os Contiki 3.0
445
VMScore
CVE-2021-40523
In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the WILL/WONT or DO/DONT response for DO and WILL commands because of improper handling of exception condition, which leads to property violation...
Contiki-os Contiki 3.0
383
VMScore
CVE-2021-38311
In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of serv...
Contiki-os Contiki 3.0
445
VMScore
CVE-2021-38386
In Contiki 3.0, a buffer overflow in the Telnet service allows remote malicious users to cause a denial of service because the ls command is mishandled when a directory has many files with long names.
Contiki-os Contiki 3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »