PT-2026-4730 · Unknown · Pymumu Smartdns
Liloler
·
Published
2026-01-01
·
Updated
2026-01-26
·
CVE-2026-1425
CVSS v4.0
6.3
Medium
| Vector | AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
pymumu SmartDNS versions through 47.1
Description
A security flaw exists in pymumu SmartDNS related to the SVBC Record Parser component, specifically within the
dns decode rr head/ dns decode SVCB HTTPS function located in the src/dns.c file. This issue results in a stack-based buffer overflow and can be exploited remotely. The exploitability is considered difficult and requires a high level of complexity.Recommendations
Apply patch 2d57c4b4e1add9b4537aeb403f794a084727e1c8 to resolve this vulnerability.
Fix
Stack Overflow
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Pymumu Smartdns