Primary

Context

lwIP Stack-Based Buffer Overflow Vulnerability in SNMPv3 USM Handler

Vulnerability

A stack-based buffer overflow vulnerability has been identified in lwIP versions prior to 2.2.1. The issue arises in the SNMPv3 USM Handler, specifically within the snmp_parse_inbound_frame function of the snmp_msg.c file. The vulnerability can be exploited remotely by manipulating the msgAuthenticationParameters argument, leading to a buffer overflow on the stack.

Impact

Exploitation of this vulnerability allows for a stack-based buffer overflow, which could potentially be exploited to execute arbitrary code or cause a denial-of-service condition.

Remediation

Users are advised to update to lwIP version 2.2.1 or later, where this vulnerability has been addressed.

Added: May 18, 2026, 7:20 PM

Updated: May 18, 2026, 7:20 PM

Vulnerability Rating

Custom Algorithm

spread

8.6

impact

0.6

exploitability

8.1

remediation

7.7

relevance

8.7

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.6

impact

0.6

exploitability

8.1

remediation

7.7

relevance

8.7

threat

3.2

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

lwIP Stack-Based Buffer Overflow Vulnerability in SNMPv3 USM Handler

Vulnerability

Impact

Remediation

Affected Products

lwIP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating