CVE-2022-46378
CVSS V2 None
CVSS V3 None
Description
An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no port argument is provided to the `PORT` command.
Overview
- CVE ID
- CVE-2022-46378
- Assigner
- talos-cna@cisco.com
- Vulnerability Status
- Received
- Published Version
- 2023-05-10T16:15:10
- Last Modified Date
- 2023-05-10T16:15:10
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/weston-embedded/uC-FTPs/pull/2 | |
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1681 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-46378 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46378 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2023-05-10 17:02:01 | Added to TrackCVE | |||
2023-05-10 17:02:09 | Weakness Enumeration | new |