VDB
CNVD-2025-30215
CNVD-2025-30215
PUBLISHED
CVSS 5.5 MEDIUM
Wireshark(前称Ethereal)是导线鲨鱼(Wireshark)团队的一套网络数据包分析软件。该软件的功能是截取网络数据包,并显示出详细的数据以供分析。 Wireshark 4.6.0版本存在缓冲区溢出漏洞,该漏洞源于BPv7解析器崩溃。攻击者可以利用该漏洞造成DoS。
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wireshark Foundation | Wireshark | 4.6.0 |
Exploit Intelligence
- https://www.wireshark.org/security/wnpa-sec-2025-05.html (circl)
- GitLab Issue #20770 (circl)
- CIRCL seen: CVE-2025-13674 (circl-sighting)
Timeline
- Nov 19, 2025 CVE Published
- Nov 26, 2025 PoC Published