Christian W. Zuckschwerdt - Security Researcher - Exploit Intelligence Platform

CVE-2022-25050 WRITEUP MEDIUM WRITEUP

RTL 433 Rlt 433 - Out-of-Bounds Write

rtl_433 21.12 was discovered to contain a stack overflow in the function somfy_iohc_decode(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.

CVSS 5.5

View Code

CVE-2022-25051 WRITEUP MEDIUM WRITEUP

rtl_433 <21.12 - Buffer Overflow

An Off-by-one Error occurs in cmr113_decode of rtl_433 21.12 when decoding a crafted file.

CVSS 5.5

View Code

CVE-2025-34450 WRITEUP HIGH WRITEUP

Rtl 433 < 25.02 - Out-of-Bounds Write

merbanan/rtl_433 versions up to and including 25.02 and prior to commit 25e47f8 contain a stack-based buffer overflow vulnerability in the function parse_rfraw() located in src/rfraw.c. When processing crafted or excessively large raw RF input data, the application may write beyond the bounds of a stack buffer, resulting in memory corruption or a crash. This vulnerability can be exploited to cause a denial of service and, under certain conditions, may be leveraged for further exploitation depending on the execution environment and available mitigations.

CVSS 7.8

View Code