Daniele Lacamera

3 exploits Active since Jun 2023
CVE-2023-35846 WRITEUP HIGH WRITEUP
VirtualSquare picoTCP <2.1 - Buffer Overflow
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering.
CVSS 7.5
CVE-2023-35847 WRITEUP HIGH WRITEUP
Virtualsquare Picotcp < 2.1 - Use of Uninitialized Resource
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero).
CVSS 7.5
CVE-2023-35849 WRITEUP HIGH WRITEUP
Virtualsquare Picotcp < 2.1 - Improper Condition Check
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet.
CVSS 7.5