VYPR
Vendor

InterNiche

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2020-25928CriAug 18, 2021
    risk 0.64cvss 9.8epss 0.04

    The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: DNS response processing functions: dns_upcall(), getoffset(), dnc_set_answer(). The attack vector is: a specific DNS response…

  • CVE-2021-31401HigAug 19, 2021
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the…

  • CVE-2021-27565HigAug 19, 2021
    risk 0.49cvss 7.5epss 0.03

    The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop()…

  • CVE-2020-25927HigAug 18, 2021
    risk 0.49cvss 7.5epss 0.02

    The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Out-of-bounds Read. The impact is: a denial of service (remote). The component is: DNS response processing in function: dns_upcall(). The attack vector is: a specific DNS response packet. The code does not…

  • CVE-2020-25926HigAug 18, 2021
    risk 0.49cvss 7.5epss 0.01

    The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning (remote). The component is: dns_query_type(). The attack vector is: a specific DNS response packet.