Tcpreplay
Source repositories
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14266 | Hig | 0.54 | 7.8 | 0.04 | Sep 12, 2017 | tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | ||
| CVE-2017-6429 | Hig | 0.51 | 7.8 | 0.03 | Mar 15, 2017 | Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet. | ||
| CVE-2016-6160 | Hig | 0.49 | 7.5 | 0.02 | Jan 23, 2017 | tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266. | ||
| CVE-2025-9386 | Med | 0.34 | 5.3 | 0.00 | Aug 24, 2025 | A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been… | ||
| CVE-2025-9385 | Med | 0.34 | 5.3 | 0.00 | Aug 24, 2025 | A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been… | ||
| CVE-2025-9649 | Low | 0.21 | 3.3 | 0.00 | Aug 29, 2025 | A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used.… | ||
| CVE-2025-9384 | Low | 0.21 | 3.3 | 0.00 | Aug 24, 2025 | A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may… | ||
| CVE-2025-9019 | Low | 0.20 | 3.1 | 0.01 | Aug 15, 2025 | A vulnerability has been found in tcpreplay 4.5.1. This vulnerability affects the function mask_cidr6 of the file cidr.c of the component tcpprep. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather… | ||
| CVE-2025-51005 | 0.00 | — | 0.00 | Sep 23, 2025 | A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible… | |||
| CVE-2024-22654 | 0.00 | — | 0.00 | May 29, 2025 | tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. | |||
| CVE-2023-43279 | 0.00 | — | 0.01 | Mar 12, 2024 | Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command. | |||
| CVE-2023-27785 | 0.00 | — | 0.01 | Mar 16, 2023 | An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. | |||
| CVE-2023-27784 | 0.00 | — | 0.01 | Mar 16, 2023 | An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. |
- risk 0.54cvss 7.8epss 0.04
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.
- risk 0.51cvss 7.8epss 0.03
Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.
- risk 0.49cvss 7.5epss 0.02
tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.
- risk 0.34cvss 5.3epss 0.00
A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been…
- risk 0.34cvss 5.3epss 0.00
A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been…
- risk 0.21cvss 3.3epss 0.00
A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used.…
- risk 0.21cvss 3.3epss 0.00
A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may…
- risk 0.20cvss 3.1epss 0.01
A vulnerability has been found in tcpreplay 4.5.1. This vulnerability affects the function mask_cidr6 of the file cidr.c of the component tcpprep. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather…
- CVE-2025-51005Sep 23, 2025risk 0.00cvss —epss 0.00
A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible…
- CVE-2024-22654May 29, 2025risk 0.00cvss —epss 0.00
tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.
- CVE-2023-43279Mar 12, 2024risk 0.00cvss —epss 0.01
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.
- CVE-2023-27785Mar 16, 2023risk 0.00cvss —epss 0.01
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function.
- CVE-2023-27784Mar 16, 2023risk 0.00cvss —epss 0.01
An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint.