Description

A vulnerability was identified in gmg137 snap7-rs up to 153d3e8c16decd7271e2a5b2e3da4d6f68589424. Affected by this issue is the function snap7_rs::client::S7Client::download of the file client.rs. Such manipulation leads to heap-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.

Related CPE's

Could not find any relations

References

https://gitee.com/gmg137/snap7-rs/issues/ID2H7V

https://vuldb.com/?ctiid.338637

https://vuldb.com/?id.338637

Weaknesses

[email protected]

Primary
CWE-119CWE-122

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.3 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Received

Published

2025-12-30T12:15:45.110

2 hours ago

Last modified

2025-12-30T12:15:45.110

2 hours ago