VYPR

InterNiche

by HCC

CVEs (3)

  • CVE-2021-31226CriAug 19, 2021
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to lack of size validation. This vulnerability requires the attacker to send a crafted HTTP POST request with a URI longer than 50…

  • CVE-2021-31401HigAug 19, 2021
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the…

  • CVE-2021-31400HigAug 19, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic…