Eclipse Threadx_netx_duo
20 CVEs affecting Eclipse Threadx_netx_duo. Latest disclosed: 2026-01-27. Critical: 2, High: 11.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-55086 | Critical | 9.8 | 2025-10-20 | In NetXDuo version before 6.4.4, a networking support module for Eclipse Foundation ThreadX, in the DHCPV6 client there was an unchecked index extracting the s… |
CVE-2025-55081 | Critical | 9.1 | 2025-10-15 | In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length verification of certai… |
CVE-2025-55102 | High | 7.5 | 2026-01-27 | A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet To… |
CVE-2025-55085 | High | 7.5 | 2025-10-17 | In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bo… |
CVE-2025-55094 | High | 7.5 | 2025-10-17 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_icmpv6_validate_o… |
CVE-2025-55087 | High | 7.5 | 2025-10-17 | In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 sec… |
CVE-2025-2260 | High | 7.5 | 2025-04-06 | In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause a denial of service by specially crafted packets. T… |
CVE-2025-2259 | High | 7.5 | 2025-04-06 | In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of ser… |
CVE-2025-2258 | High | 7.5 | 2025-04-06 | In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent… |
CVE-2025-0728 | High | 7.5 | 2025-02-21 | In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of ser… |
CVE-2025-0727 | High | 7.5 | 2025-02-21 | In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of ser… |
CVE-2025-0726 | High | 7.5 | 2025-02-21 | In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause a denial of service by specially crafted packets. T… |
CVE-2024-2452 | High | 7.0 | 2024-03-26 | In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of __portable_aligned_alloc() could cause an integer wrap-around and an alloc… |
CVE-2025-55091 | Medium | 6.5 | 2025-10-16 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ip_packet_receive(… |
CVE-2025-55090 | Medium | 6.5 | 2025-10-16 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receiv… |
CVE-2025-55093 | Medium | 5.3 | 2025-10-17 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receiv… |
CVE-2025-55092 | Medium | 5.3 | 2025-10-17 | In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx… |
CVE-2025-55084 | Medium | 5.3 | 2025-10-16 | In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_v… |
CVE-2025-55083 | Medium | 5.3 | 2025-10-15 | In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read. |
CVE-2025-55082 | Medium | 5.3 | 2025-10-15 | In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was a potential out of bound read in _nx_secure_tls_process_clienthello()… |