CVE-2025-54349

MEDIUM

iperf3 3.2-3.19.1 - Heap-Based Buffer Overflow via Off-by-One Error

Title source: llm

In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.

Core 3

Core References

Patch

Release Notes

Mailing List

CVSS v3 6.5

EPSS 0.0037

EPSS Percentile 28.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

CWE

CWE-193

Status published

Products (1)

es/iperf3 3.2 - 3.19.1

Published Aug 03, 2025

Tracked Since Feb 18, 2026