CVE-2017-6520

CRITICAL Year: 2017
CVSS v3 Score: 9.1 (Critical)
CVSS v2 Score: 6.4 (Medium)

Vulnerability Description

The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 inadvertently responds to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets.

CVSS:9.8(Critical)

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating malicious files on the server.

CVSS:9.8(Critical)

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary Python commands contained with the document it is launched from. LibreOffice ...

CVSS:7.8(High)

The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. The location of the original file can be altered by a malicious user by passing a...

CVSS:7.5(High)

An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parameters when processing security constraints...

CVSS:7.5(High)

On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. Remote attackers can send print jobs directly to the printer via TCP port 9100.

CVSS:7.5(High)

Arista EOS before 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message.