Eclipse

Threadx Netx Duo

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-55086

  • EPSS 0.07%
  • Veröffentlicht 20.10.2025 17:49:29
  • Zuletzt bearbeitet 24.10.2025 15:46:24

In NetXDuo version before 6.4.4, a networking support module for Eclipse Foundation ThreadX, in the DHCPV6 client there was an unchecked index extracting the server DUID from the server reply. With a crafted packet, an attacker could cause an out of ...

7.5

CVE-2025-55085

Exploit
  • EPSS 0.25%
  • Veröffentlicht 17.10.2025 14:22:28
  • Zuletzt bearbeitet 27.10.2025 14:33:47

In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior.

7.5

CVE-2025-55087

  • EPSS 0.15%
  • Veröffentlicht 17.10.2025 06:15:34
  • Zuletzt bearbeitet 24.10.2025 20:24:27

In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters.

7.5

CVE-2025-55094

  • EPSS 0.05%
  • Veröffentlicht 17.10.2025 05:29:00
  • Zuletzt bearbeitet 24.10.2025 20:25:25

In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_icmpv6_validate_options() when handling a packet with ICMP6 options.

5.3

CVE-2025-55093

  • EPSS 0.04%
  • Veröffentlicht 17.10.2025 05:15:35
  • Zuletzt bearbeitet 24.10.2025 20:23:41

In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() when handling unicast DHCP messages that could cause corruption of 4 bytes of memory.

5.3

CVE-2025-55092

  • EPSS 0.04%
  • Veröffentlicht 17.10.2025 05:15:35
  • Zuletzt bearbeitet 24.10.2025 20:22:11

In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_option_process() when processing an IPv4 packet with the timestamp option.

6.5

CVE-2025-55091

  • EPSS 0.06%
  • Veröffentlicht 16.10.2025 07:56:33
  • Zuletzt bearbeitet 21.10.2025 17:09:46

In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ip_packet_receive() function when received an Ethernet with type set as IP but no IP data.

6.5

CVE-2025-55090

  • EPSS 0.06%
  • Veröffentlicht 16.10.2025 06:43:17
  • Zuletzt bearbeitet 21.10.2025 17:08:50

In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() function when received an Ethernet frame with less than 4 bytes of IP packet.

5.3

CVE-2025-55084

  • EPSS 0.04%
  • Veröffentlicht 16.10.2025 06:29:35
  • Zuletzt bearbeitet 21.10.2025 17:06:58

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field.

5.3

CVE-2025-55083

  • EPSS 0.04%
  • Veröffentlicht 15.10.2025 14:11:23
  • Zuletzt bearbeitet 21.10.2025 17:04:27

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read.