CVE-2025-50681
BaseFortify
Publication date: 2025-12-19
Last updated on: 2025-12-19
Assigner: MITRE
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| younix | igmpproxy | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-50681 is a buffer overflow vulnerability in the igmpproxy software, specifically in the igmpPacketKind function. The vulnerability occurs because the function uses an unsafe sprintf call to format attacker-controlled input parameters 'type' and 'code' into a fixed-size 20-byte buffer without proper bounds checking. When an attacker supplies large values for these parameters, the formatted string exceeds the buffer size, causing a buffer overflow. This overflow can overwrite critical memory areas like the stack canary, leading to program crashes or termination. The issue was fixed by replacing sprintf with snprintf to enforce buffer size limits. [1, 2, 3]
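The sizing problem and the snprintf fix described above, as an added example that is not igmpproxy's own code. The format string, the `unsigned int` parameter types, the helper names and the sample values are assumptions constructed for illustration; only the 20-byte buffer and the sprintf-to-snprintf change come from the description.

```c
#include <stdio.h>
#include <string.h>

#define KIND_BUF_LEN 20  /* fixed buffer size stated in the description */

/* Assumed format string (constructed for this example): with one-byte
 * values it yields 18 characters, so it fits in 20 bytes with the NUL. */
#define KIND_FMT "unk: 0x%02x/0x%02x    "

/* Bytes (including the NUL) that an unbounded sprintf() would write.
 * %02x is a minimum width, so wide values expand the output. */
static int kind_bytes_needed(unsigned int type, unsigned int code)
{
    return snprintf(NULL, 0, KIND_FMT, type, code) + 1;
}

/* Hardened pattern: snprintf() bounded by the destination size.
 * Unsafe 'before' pattern, shown for comparison only:
 *     sprintf(buf, KIND_FMT, type, code);
 * Returns 1 if the output had to be truncated, 0 otherwise. */
static int format_kind(char *buf, size_t len,
                       unsigned int type, unsigned int code)
{
    int n = snprintf(buf, len, KIND_FMT, type, code);
    return n < 0 || (size_t)n >= len;
}

int main(void)
{
    char buf[KIND_BUF_LEN];
    /* Constructed sample values: one small pair, one wide pair. */
    unsigned int samples[][2] = { {0x99, 0x01}, {0xdeadbeefu, 0xcafebabeu} };

    for (size_t i = 0; i < 2; i++) {
        int trunc = format_kind(buf, sizeof buf, samples[i][0], samples[i][1]);
        printf("needs %2d bytes, buffer %d, truncated=%d -> \"%s\"\n",
               kind_bytes_needed(samples[i][0], samples[i][1]),
               KIND_BUF_LEN, trunc, buf);
    }
    return 0;
}
```

The truncation flag returned by `format_kind` is what a caller would log or act on; the unbounded call gives no such signal and instead writes past the end of the buffer.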
How can this vulnerability impact me?
This vulnerability can be exploited remotely by sending specially crafted IGMP packets with malicious source addresses to a host running vulnerable versions of igmpproxy. Exploitation leads to a denial of service (DoS) by crashing the application due to buffer overflow and stack canary corruption. Devices affected include embedded networking environments and consumer-grade IoT devices such as home routers and media gateways that use igmpproxy to handle multicast traffic. This can disrupt IPTV and streaming services relying on multicast traffic within a LAN. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for crashes or denial-of-service symptoms on devices running vulnerable versions of igmpproxy when they receive malformed IGMPv3 membership report packets with invalid group record types. Detection could involve capturing and analyzing IGMP traffic on the network to identify malformed or suspicious IGMPv3 membership report packets. Specific commands are not provided in the resources, but using packet capture tools like tcpdump or Wireshark to filter IGMPv3 packets and inspecting for unusual or malformed group record types could help detect attempts to exploit this vulnerability. [1, 2, 3]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update or patch igmpproxy to the fixed version that includes the commit 2b30c36, which replaces unsafe sprintf calls with snprintf to prevent buffer overflow. If updating is not immediately possible, restricting or filtering malformed IGMPv3 membership report packets on the network to prevent malicious packets from reaching vulnerable devices can help mitigate the risk. Monitoring and limiting multicast traffic from untrusted sources on the LAN is also advisable. [1]