How severe is CVE-2025-46836?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.6 out of 10.

What type of vulnerability is CVE-2025-46836?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2025-46836

MEDIUM Year: 2025

CVSS v3 Score

6.6

Medium

Weakness Type

CWE-20

View all →

Vulnerability Description

net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (like ifconfig) from the net-tools package do not properly validate the structure of /proc files when showing interfaces. `get_name()` in `interface.c` copies interface labels from `/proc/net/dev` into a fixed 16-byte stack buffer without bounds checking, leading to possible arbitrary code execution or crash. The known attack path does not require privilege but also does not provide privilege escalation in this scenario. A patch is available and expected to be part of version 2.20.

CVE-2016-5025

MEDIUM

CVSS:6.6(Medium)

For the NVIDIA Quadro, NVS, and GeForce products, improper sanitization of parameters in the NVAPI support layer causes a denial of service vulnerability (blue screen crash) within the NVIDIA Windows ...

CWE-202016

CVE-2016-9587

MEDIUM

CVSS:6.6(Medium)

Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed b...

CWE-202016

CVE-2017-11885

MEDIUM

CVSS:6.6(Medium)

Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 ...

CWE-202017

CVE-2017-16538

MEDIUM

CVSS:6.6(Medium)

drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified othe...

CWE-202017

CVE-2017-7154

MEDIUM

CVSS:6.6(Medium)

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. The issue involves the "Kernel" component. It allows loc...

CWE-202017

CVE-2018-1999018

MEDIUM

CVSS:6.6(Medium)

Pydio version 8.2.1 and prior contains an Unvalidated user input leading to Remote Code Execution (RCE) vulnerability in plugins/action.antivirus/AntivirusScanner.php: Line 124, scanNow($nodeObject) t...

CWE-202018

CVE-2025-46836

Vulnerability Description

Related Vulnerabilities

CVE-2016-5025

CVE-2016-9587

CVE-2017-11885

CVE-2017-16538

CVE-2017-7154

CVE-2018-1999018