9.8
CVE-2014-3931
- EPSS 35.56%
- Veröffentlicht 31.03.2017 16:59:00
- Zuletzt bearbeitet 22.10.2025 00:15:39
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Loginfastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Multi-router Looking Glass Project ≫ Multi-router Looking Glass Version <= 5.4.1
07.07.2025: CISA Known Exploited Vulnerabilities (KEV) Catalog
Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability
SchwachstelleMulti-Router Looking Glass (MRLG) contains a buffer overflow vulnerability that could allow remote attackers to cause an arbitrary memory write and memory corruption.
BeschreibungApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 35.56% | 0.97 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.