JFrog Security Research
< Back

XRAY-194059 - NicheStack TFTP filename OOB-R

CVE-2021-36762 | CVSS 7.5

JFrog Severity:high

Discovered ByDenys Vozniukof the JFrog Security Research Team

Published 4 Aug, 2021 | Last updated 4 Aug, 2021

NicheStack TFTP filename read out of bounds

InterNiche TCP/IP stack

InterNiche (, 4.3), fixed in 4.3

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no '\0' byte exists within a reasonable range).

No PoC is supplied for this issue

If not needed, disable the NicheStack TFTP server through the NicheStack CLI

(JFrog) INFRA:HALT New Vulnerabilities Impacting OT and Critical Infrastructure


< Back