Description
An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out of bounds memory read which can result in sensitive information disclosure and Denial Of Service. In order to trigger this vulnerability, an attacker needs to send a specially crafted packet to the vulnerable server.
References (2)
Core 2
Core References
Broken Link, Third Party Advisory x_refsource_misc
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0976
Exploit, Third Party Advisory x_refsource_misc
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-0976
Scores
CVSS v3
8.2
EPSS
0.0257
EPSS Percentile
83.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Details
CWE
CWE-190
Status
published
Products (1)
minisnmpd_project/minisnmpd
1.4
Published
Feb 04, 2020
Tracked Since
Feb 18, 2026