← back
CVE-2014-3931

CVE-2014-3931

CVSS 9.8 CRITICALEPSS 26.6%● KEVCWE-119
In short

A vulnerability in MRLG's fastping.c allows remote attackers to write data to arbitrary memory locations, causing the application to crash or potentially execute malicious code. This is a critical flaw because it requires no authentication and can be exploited over the network.

Technical detail

CWE-119 buffer overflow in fastping.c enables remote unauthenticated attackers to write to arbitrary memory addresses, leading to memory corruption and potential code execution. The attack vector is network-based with no prerequisites, resulting in high severity due to the ability to compromise system integrity and availability.

Summary generated and translated by AI from the official description.
fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://mrlg.op-sec.us/https://hackerone.com/reports/16330https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-3931http://www.s3.eurecom.fr/cve/CVE-2014-3931.txt