accel-ppp 漏洞與 CVE 列表(7)

產品(CPE): — CVE 數: 7

accel-ppp 漏洞概覽

彙總 accel-ppp 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

已披露問題常與 緩衝區溢位與記憶體損壞 相關,可能在 軟體部署與生產負載 場景中帶來 應用程式崩潰與記憶體損壞 等暴露風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 177 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2021-42870 ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request. [email protected] 7.5 0.98% 2022-05-16 2026-06-17
CVE-2022-0982 The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. [email protected] 9.8 1.19% 2022-03-16 2026-06-17
CVE-2022-24705 The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. [email protected] 9.8 1.16% 2022-02-14 2026-06-17
CVE-2022-24704 The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to the server and sends a large radius packet, a buffer overflow vulnerability will be triggered. [email protected] 9.8 1.16% 2022-02-14 2026-06-17
CVE-2021-42054 ACCEL-PPP 1.12.0 has an out-of-bounds read in triton_context_schedule if the client exits after authentication. [email protected] 7.5 1.09% 2021-10-07 2026-06-17
CVE-2020-28194 Variable underflow exists in accel-ppp radius/packet.c when receiving a RADIUS vendor-specific attribute with length field is less than 2. It has an impact only when the attacker controls the RADIUS server, which can lead to arbitrary code execution. [email protected] 9.8 2.70% 2021-02-01 2026-06-16
CVE-2020-15173 In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less than 6. If your application is used in open networks or there are untrusted nodes in the network it is highly recommended to apply the patch. The problem was patched with commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b As a workaround changes of commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b can be ap [email protected] 8.2 1.18% 2020-09-09 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence