{"vulnerability": "CVE-2020-25928", "sightings": [{"uuid": "362ceb92-d146-43d8-b331-7fc0f713e492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25928", "type": "seen", "source": "https://t.me/cibsecurity/27559", "content": "\u203c CVE-2020-25928 \u203c\n\nThe DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: DNS response processing functions: dns_upcall(), getoffset(), dnc_set_answer(). The attack vector is: a specific DNS response packet. The code does not check the \"response data length\" field of individual DNS answers, which may cause out-of-bounds read/write operations, leading to Information leak, Denial-or-Service, or Remote Code Execution, depending on the context.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T22:17:03.000000Z"}, {"uuid": "369b2878-f572-4b4f-b5fb-66fddb0dc882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-25928", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_22/2021", "content": "", "creation_timestamp": "2021-08-04T12:58:56.000000Z"}]}