Описание
A use-of-uninitialized-pointer vulnerability exists in the Forward Open connection_management_entry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2022-10-18 (исключая)
cpe:2.3:a:opener_project:opener:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00162
Низкий
7.5 High
CVSS3
Дефекты
CWE-824
Связанные уязвимости
CVSS3: 7.5
github
почти 3 года назад
A use-of-uninitialized-pointer vulnerability exists in the Forward Open connection_management_entry functionality of EIP Stack Group OpENer development commit 58ee13c. A specially-crafted EtherNet/IP request can lead to use of a null pointer, causing the server to crash. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.
EPSS
Процентиль: 37%
0.00162
Низкий
7.5 High
CVSS3
Дефекты
CWE-824