Medium severity5.3OSV Advisory· Published Aug 19, 2025· Updated Apr 29, 2026

CVE-2025-9157

Description

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue.

Affected products

Appneta/TcpreplayOSV
Range: v3.4.2, v3.4.3, v3.4.4, …

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

drive.google.com/file/d/1_aONM_TOF96JbnYviPyZhVk-7HObtX8H/viewnvd
github.com/appneta/tcpreplay/commit/73008f261f1cdf7a1087dc8759115242696d35danvd
github.com/appneta/tcpreplay/issues/970nvd
github.com/appneta/tcpreplay/issues/970nvd
vuldb.comnvd
vuldb.comnvd
vuldb.comnvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000