CVE-2021-37740

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
7.8
HIGH
Affected
1
PROJECT

Description

A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote attacker to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until the device is rebooted, via a SESSION_REQUEST frame with a modified total length field.

robertguetzkow/CVE-2021-37740
robertguetzkow/CVE-2021-37740
PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4.
GitHubGitHub
6