CVE-2020-25066

CRITICAL

10.0

CVSS 3.1

Description

A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.

Metadata

CVE ID: CVE-2020-25066
State: PUBLISHED
Assigner: mitre
Reserved: 2020-09-01 00:00 UTC
Published: 2020-12-22 21:04 UTC
Last updated: 2024-08-04 15:26 UTC
Vendor / Product: n/a / n/a
Sources: cve.org · NVD

Severity & Metrics

10.0 CRITICAL CVSS 3.1

CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N

Affected products (1)

Vendor	Product	Platform	Versions
n/a	n/a	—	n/a

Weakness (CWE)

CWE	Source	Description
—	cna	n/a

CVSS scores (1)

Score	Severity	Version	Source	Vector
10.0	CRITICAL	3.1	cna	CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N

References (2)

https://treck.com/vulnerability-response-information/
https://security.netapp.com/advisory/ntap-20210201-0003/

Back to overview