CVE-2025-1207

Sažetak

A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/DMCERTCE/TFTPD64_DOS
https://github.com/DMCERTCE/TFTPD64_DOS/blob/main/poc.py
https://vuldb.com/?ctiid.295144
https://vuldb.com/?id.295144
https://vuldb.com/?submit.497249

CVSS

Base:	1.8
Impact:	2.9
Exploitability:	3.2

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:A/AC:H/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

12-02-2025 - 16:15

Objavljeno

12-02-2025 - 16:15