Apple » Airport Base Station Firmware : Security Vulnerabilities, CVEs,
A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause a system denial of service.
Max CVSS
7.8
EPSS Score
0.20%
Published
2020-10-27
Updated
2020-10-30
An out-of-bounds read was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to leak memory.
Max CVSS
9.8
EPSS Score
0.45%
Published
2020-10-27
Updated
2020-10-30
Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted.
Max CVSS
7.5
EPSS Score
0.09%
Published
2020-10-27
Updated
2020-10-30
A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.
Max CVSS
9.8
EPSS Score
0.91%
Published
2020-10-27
Updated
2020-10-30
The issue was addressed with improved data deletion. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A base station factory reset may not delete all user information.
Max CVSS
7.5
EPSS Score
0.18%
Published
2020-10-27
Updated
2020-10-30
A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.
Max CVSS
9.8
EPSS Score
0.92%
Published
2020-10-27
Updated
2020-10-30
A denial of service issue was addressed with improved memory handling. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. An attacker in a privileged position may be able to perform a denial of service attack.
Max CVSS
6.5
EPSS Score
0.11%
Published
2020-10-27
Updated
2020-10-29
The handle_regservice_request function in mDNSResponder before 625.41.2 allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
Max CVSS
9.8
EPSS Score
1.24%
Published
2016-06-26
Updated
2019-06-19
Multiple buffer overflows in mDNSResponder before 625.41.2 allow remote attackers to read or write to out-of-bounds memory locations via vectors involving the (1) GetValueForIPv4Addr, (2) GetValueForMACAddr, (3) rfc3110_import, or (4) CopyNSEC3ResourceRecord function.
Max CVSS
9.8
EPSS Score
1.15%
Published
2016-06-26
Updated
2019-06-19
Apple AirPort Base Station Firmware before 7.6.7 and 7.7.x before 7.7.7 misparses DNS data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
10.0
EPSS Score
1.34%
Published
2016-07-03
Updated
2017-09-01
Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame.
Max CVSS
5.4
EPSS Score
0.08%
Published
2013-09-08
Updated
2013-09-18
11 vulnerabilities found