The L2TP implementation of MPD before 5.9 allows a remote...
Critical severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Jul 19, 2023
Description
Published by the National Vulnerability Database
Oct 6, 2020
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Jul 19, 2023
The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).
References