CVE-2021-34067

MEDIUM

tsMuxer 2.6.16 - Denial of Service via Crafted File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-34067. PoCs published by cemonatk.

AI-analyzed exploit summary This repository contains a detailed technical writeup of CVE-2021-34067, a heap-based buffer overflow in tsMuxer 2.6.16. It includes an AddressSanitizer (ASan) output and a proof-of-concept (PoC) description, demonstrating how a crafted file can trigger a Denial of Service (DoS).

Description

Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.

Exploits (1)

github WRITEUP 3 stars
by cemonatk · poc
https://github.com/cemonatk/onefuzzyway/tree/main/CVEs/tsMuxer/CVE-2021-34067.md

This repository contains a detailed technical writeup of CVE-2021-34067, a heap-based buffer overflow in tsMuxer 2.6.16. It includes an AddressSanitizer (ASan) output and a proof-of-concept (PoC) description, demonstrating how a crafted file can trigger a Denial of Service (DoS).

Classification
Writeup 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: tsMuxer 2.6.16
No auth needed
Prerequisites: A crafted file to trigger the heap-based buffer overflow
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory x_refsource_misc
https://github.com/justdan96/tsMuxer/pull/422/files
Exploit, Third Party Advisory x_refsource_confirm
https://github.com/justdan96/tsMuxer/issues/424

Scores

CVSS v3 5.5
EPSS 0.0083
EPSS Percentile 52.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE
CWE-787
Status published
Products (1)
tsmuxer_project/tsmuxer 2.6.16
Published Jun 23, 2021
Tracked Since Feb 18, 2026