CVE-2025-9019 | tcpreplay 4.5.1 tcpprep cidr.c mask_cidr6 heap-based overflow (Issue 958)

A vulnerability has been found in tcpreplay 4.5.1 and classified as problematic. This vulnerability affects the function mask_cidr6 of the file cidr.c of the component tcpprep. The manipulation leads to heap-based buffer overflow.

This vulnerability was named CVE-2025-9019. The attack can be initiated remotely. Furthermore, there is an exploit available.

The researcher is able to reproduce this with the latest official release 4.5.1 and the current master branch. The code maintainer cannot reproduce this for 4.5.2-beta1. In his reply the maintainer explains that “[i]n that case, this is a duplicate that was fixed in 4.5.2.”

CVE-2025-9019 | tcpreplay 4.5.1 tcpprep cidr.c mask_cidr6 heap-based overflow (Issue 958)

Post correlati

CVE-2022-30636 | x-crypto prior 0.0.0-20220525230936-793ad666bf5e on Go path traversal

CVE-2023-51749 | ScaleFusion 10.5.2 Tooltip access control

CVE-2022-40975 | Aazztech Post Slider Plugin up to 1.6.7 on WordPress authorization

CVE-2024-8214 | D-Link DNS-1550-04 up to 20240814 /cgi-bin/hd_config.cgi cgi_FMT_Std2R5_2nd_DiskMGR f_source_dev command injection (SAP10383)