Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
igmpproxy 0.4 before commit 2b30c36 allows remote attackers to cause a denial of service (application crash) via a crafted IGMPv3 membership report packet with a malicious source address. Due to insufficient validation in the `recv_igmp()` function in src/igmpproxy.c, an invalid group record type can trigger a NULL pointer dereference when logging the address using `inet_fmtsrc()`. This vulnerability can be exploited by sending malformed multicast traffic to a host running igmpproxy, leading to a crash. igmpproxy is used in various embedded networking environments and consumer-grade IoT devices (such as home routers and media gateways) to handle multicast traffic for IPTV and other streaming services. Affected devices that rely on unpatched versions of igmpproxy may be vulnerable to remote denial-of-service attacks across a LAN .
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
igmpproxy 安全漏洞
Vulnerability Description
igmpproxy是pali个人开发者的一个路由守护进程。 igmpproxy存在安全漏洞,该漏洞源于src/igmpproxy.c中recv_igmp函数验证不足,可能导致空指针取消引用和拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A