CVE-2017-14266

HIGH

Tcpreplay 3.4.4 - Heap-Based Buffer Overflow via Crafted PCAP File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-14266. PoCs published by FarazPajohan.

AI-analyzed exploit summary This exploit demonstrates a heap-based buffer overflow in tcprewrite (CVE-2017-14266) by crafting a malicious PCAP file. The PoC uses Dr. Memory to show unauthorised memory access and potential code execution.

Description

tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.

Exploits (1)

exploitdb WORKING POC

by FarazPajohan · textdoslinux

https://www.exploit-db.com/exploits/42652

View Code ZIP pw:eip

This exploit demonstrates a heap-based buffer overflow in tcprewrite (CVE-2017-14266) by crafting a malicious PCAP file. The PoC uses Dr. Memory to show unauthorised memory access and potential code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Tcpreplay 3.4.4

No auth needed

Prerequisites: Crafted PCAP file · Access to tcprewrite tool

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/42652/

Scores

CVSS v3 7.8

EPSS 0.0359

EPSS Percentile 87.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

broadcom/tcpreplay 3.4.4

Published Sep 12, 2017

Tracked Since Feb 18, 2026