Redir Stack-Based Buffer Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

A stack-based buffer overflow vulnerability has been identified in Redir version 3.3, specifically within the doproxyconnect() function. This vulnerability allows attackers to crash the application by sending oversized input. The issue arises because the sprintf() function is used to write data into a buffer without proper length validation, so oversized input overwrites adjacent stack memory, which causes a segmentation fault and terminates the program.
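The bounded alternative to the unchecked sprintf() call, as an added example that is not Redir's source code: the function names, the 128-byte buffer size and the CONNECT format string are assumptions chosen for illustration. It writes with snprintf() and treats truncation as an error instead of sending a cut-off request.

```c
#include <stdio.h>
#include <string.h>

#define REQ_BUF_SIZE 128 /* assumed size; the advisory does not state the real one */

/* Unsafe pattern the advisory describes (shown as a comment for contrast only):
 *     sprintf(out, "CONNECT %s:%u HTTP/1.0\r\n\r\n", host, port);
 * sprintf() does not know how large `out` is, so a long `host` writes past
 * the end of the stack buffer. */

/* Hardened form (hypothetical helper): bound the write to the buffer size and
 * reject input that does not fit. Returns the request length, or -1 on error. */
int build_connect_safe(char *out, size_t outlen, const char *host, unsigned port)
{
    int n = snprintf(out, outlen, "CONNECT %s:%u HTTP/1.0\r\n\r\n", host, port);
    if (n < 0 || (size_t)n >= outlen) { /* encoding error or truncation */
        if (outlen > 0)
            out[0] = '\0';              /* never leave a partial request behind */
        return -1;
    }
    return n;
}

/* Constructed input: a host name made of `host_len` filler characters,
 * passed through the hardened builder with a fixed port of 8080. */
int try_host_len(size_t host_len)
{
    char host[512];
    char req[REQ_BUF_SIZE];

    if (host_len >= sizeof(host))
        return -1;
    memset(host, 'a', host_len);
    host[host_len] = '\0';
    return build_connect_safe(req, sizeof(req), host, 8080);
}

int main(void)
{
    printf("short host     -> %d\n", try_host_len(11));
    printf("largest fit    -> %d\n", try_host_len(101));
    printf("oversized host -> %d\n", try_host_len(300));
    return 0;
}
```

The caller should close the connection or log the rejected request when the builder returns -1, so an oversized value is dropped instead of crashing the process.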

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to crash.

Reproduction

The vulnerability can be reproduced by sending a crafted payload that exceeds the buffer size in the doproxyconnect() function. This can be done using a tool like netcat to connect to a Redir instance and deliver the oversized input, causing the application to crash due to the stack overflow.

Added: Feb 11, 2026, 9:49 PM
Updated: Feb 11, 2026, 9:49 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 2.9
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.