Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-44793

handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Published

2022-11-07T03:15:09.363

Last Modified

2025-05-05T16:15:22.427

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-476
Type: Secondary
CWE-476

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	net-snmp	net-snmp	≤ 5.9.3	Yes
Operating System	debian	debian_linux	10.0	Yes
Operating System	netapp	h300s_firmware	-	Yes
Hardware	netapp	h300s	-	No
Operating System	netapp	h500s_firmware	-	Yes
Hardware	netapp	h500s	-	No
Operating System	netapp	h700s_firmware	-	Yes
Hardware	netapp	h700s	-	No
Operating System	netapp	h410s_firmware	-	Yes
Hardware	netapp	h410s	-	No

References

https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f Exploit, Third Party Advisory ([email protected])
https://github.com/net-snmp/net-snmp/issues/475 Exploit, Issue Tracking, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2023/01/msg00010.html Mailing List, Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20230223-0011/ Third Party Advisory ([email protected])
https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/net-snmp/net-snmp/issues/475 Exploit, Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/01/msg00010.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20230223-0011/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)