VYPR

Freertos Plus TCP

by Amazon

Source repositories

CVEs (5)

  • CVE-2026-7426HigApr 29, 2026
    risk 0.46cvss 8.1epss 0.00

    Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the…

  • CVE-2026-7424HigApr 29, 2026
    risk 0.46cvss 8.1epss 0.00

    Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze…

  • CVE-2026-7425MedApr 29, 2026
    risk 0.35cvss 6.5epss 0.00

    Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION…

  • CVE-2026-7422MedApr 29, 2026
    risk 0.35cvss 6.5epss 0.00

    Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the…

  • CVE-2026-7423MedApr 29, 2026
    risk 0.27cvss 5.3epss 0.00

    Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length…

VYPR — Vulnerability Intelligence