Vulnerabilities > Treck > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-17 CVE-2020-11898 Information Exposure vulnerability in Treck Tcp/Ip
The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak.
network
low complexity
treck CWE-200
6.4
2020-06-02 CVE-2020-10136 Authentication Bypass by Spoofing vulnerability in multiple products
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
network
low complexity
cisco digi hp treck CWE-290
5.3