CVE-2025-9384

CVE-2025-9384

Name

CVE-2025-9384

Description

A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 4.5.2-beta2 is recommended to address this issue. Upgrading the affected component is advised. The vendor explains, that he was "[a]ble to reproduce in 6fcbf03 but not in 4.5.2-beta2".

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
exploit	https://drive.google.com/file/d/1oVmsER6CXULLz_rnIyL410DJqO_hBtw_/view?usp=sharing
issue-tracking	https://github.com/appneta/tcpreplay/issues/971
issue-tracking	https://github.com/appneta/tcpreplay/issues/971#issuecomment-3199014524
signature	https://vuldb.com/?ctiid.321217
vdb-entry	https://vuldb.com/?id.321217
third-party-advisory	https://vuldb.com/?submit.630496

Type

URI

exploit

https://drive.google.com/file/d/1oVmsER6CXULLz_rnIyL410DJqO_hBtw_/view?usp=sharing

issue-tracking

https://github.com/appneta/tcpreplay/issues/971

issue-tracking

https://github.com/appneta/tcpreplay/issues/971#issuecomment-3199014524

signature

https://vuldb.com/?ctiid.321217

vdb-entry

https://vuldb.com/?id.321217

third-party-advisory

https://vuldb.com/?submit.630496

Match rules

CPE URI	Source package	Min version	Max version
	tcpreplay	== 4.5.0	== 4.5.0
	tcpreplay	== 4.5.1	== 4.5.1
	tcpreplay	== 4.5.2-beta2	== 4.5.2-beta2
`cpe:2.3:a:broadcom:tcpreplay::::::::`	tcpreplay	>= None	<= 4.5.1

CPE URI

Source package

Min version

Max version

tcpreplay

== 4.5.0

tcpreplay

== 4.5.1

tcpreplay

== 4.5.2-beta2

cpe:2.3:a:broadcom:tcpreplay:*:*:*:*:*:*:*:*

tcpreplay

>= None

<= 4.5.1

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
tcpreplay	edge-community	4.5.1-r0	Celeste <cielesti@protonmail.com>	possibly vulnerable
tcpreplay	edge-community	4.4.1-r0	None	possibly vulnerable
tcpreplay	edge-community	4.3.4-r0	None	possibly vulnerable
tcpreplay	edge-community	4.3.2-r0	None	possibly vulnerable
tcpreplay	3.22-community	4.5.1-r0	Celeste <cielesti@protonmail.com>	possibly vulnerable
tcpreplay	3.22-community	4.4.1-r0	None	possibly vulnerable
tcpreplay	3.22-community	4.3.4-r0	None	possibly vulnerable
tcpreplay	3.22-community	4.3.2-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

tcpreplay

edge-community

4.5.1-r0

Celeste <cielesti@protonmail.com>

possibly vulnerable

tcpreplay

edge-community