← volver
CVE-2025-15247

gmg137 snap7-rs client.rs download heap-based overflow

CVSS 6.9 MEDIUMEPSS 0.4%CWE-119CWE-122
A vulnerability was identified in gmg137 snap7-rs up to 153d3e8c16decd7271e2a5b2e3da4d6f68589424. Affected by this issue is the function snap7_rs::client::S7Client::download of the file client.rs. Such manipulation leads to heap-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Productos afectados
gmg137 · snap7-rs

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://gitee.com/gmg137/snap7-rs/https://gitee.com/gmg137/snap7-rs/issues/ID2H7Vhttps://vuldb.com/?ctiid.338637https://vuldb.com/?id.338637