CVE-2018-10389

Name of the Vulnerable Software and Affected Versions TFTP Server MT versions 1.65 and earlier

Description The issue concerns a format string vulnerability in the logMess function. This vulnerability can be exploited by remote attackers who send TFTP error packets containing format string sequences, potentially leading to a denial of service or the execution of arbitrary code.

Recommendations For versions 1.65 and earlier, update to a version later than 1.65 to resolve the issue. As a temporary workaround, consider restricting access to the TFTP server to minimize the risk of exploitation.