Improper input validation in Solarwinds Tftp_server

CVE-2010-2310

SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via a long write request.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.231 (96.0th percentile) — read the EPSS interpretation.

Affected products

Solarwinds Tftp_server — versions 10.4.0.13
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

solarwinds-read-dos(59419) (vdb-entry, x_refsource_XF)
13836 (Exploit, exploit, x_refsource_EXPLOIT-DB)
65540 (x_refsource_OSVDB, vdb-entry)
40824 (vdb-entry, x_refsource_BID)