NicheStack TFTP filename read out of bounds
InterNiche (, 4.3), fixed in 4.3
An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The
tfshnd():tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to
strlen for the filename might read out of bounds of the protocol packet buffer (if no '\0' byte exists within a reasonable range).
No PoC is supplied for this issue
If not needed, disable the NicheStack TFTP server through the NicheStack CLI
(JFrog) INFRA:HALT New Vulnerabilities Impacting OT and Critical Infrastructure