CVE-2025-51005

HIGH

tcpreplay 4.5.1 - Heap-based Buffer Overflow in Checksum Calculation Logic

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-51005. PoCs published by sy460129.

AI-analyzed exploit summary The repository describes a heap buffer overflow in tcpreplay 4.5.1 but lacks actual exploit code, instead pointing to an external download (poc.zip). The README provides technical details but relies on an off-site payload, which is a common tactic for malicious lures.

Description

A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible denial of service.

Exploits (1)

nomisec SUSPICIOUS
by sy460129 · poc
https://github.com/sy460129/CVE-2025-51005

The repository describes a heap buffer overflow in tcpreplay 4.5.1 but lacks actual exploit code, instead pointing to an external download (poc.zip). The README provides technical details but relies on an off-site payload, which is a common tactic for malicious lures.

Classification
Suspicious 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Theoretical
Target: tcpreplay 4.5.1
No auth needed
Prerequisites: Crafted pcap file · tcpreplay 4.5.1 installed
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Issue Tracking, Vendor Advisory
https://github.com/appneta/tcpreplay/issues/925
Exploit, Third Party Advisory
https://github.com/sy460129/CVE-2025-51005

Scores

CVSS v3 7.5
EPSS 0.0036
EPSS Percentile 27.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-122
Status published
Products (1)
broadcom/tcpreplay 4.5.1
Published Sep 23, 2025
Tracked Since Feb 18, 2026