cvedb.io
CVE-2021-40523
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2021-09-05T19:15:15.030 · Last modified 2026-06-17T04:07:05.043

Summary

In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the WILL/WONT or DO/DONT response for DO and WILL commands because of improper handling of exception condition, which leads to property violations and denial of service. Specifically, a server sometimes sends no response, because a fixed buffer space is available for all responses and that space may have been exhausted.

Affected products

contiki-os — contiki

Does this affect you?

Add your gear to cvedb and we'll alert you only when contiki-os ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.