CVE-2025-1207 LOW

CVE-2025-1207: phjounin TFTPD64 DNS denial of service

Vendor Phjounin
Product TFTPD64
Weakness CWE-404
Published February 12, 2025
Last update February 12, 2025

CVSS base score

2.3/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability was found in phjounin TFTPD64 4.64. It has been declared as problematic. This vulnerability affects unknown code of the component DNS Handler. The manipulation leads to denial of service. The attack needs to be done within the local network. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Key dates

02Disclosure timeline

February 12, 2025 CVE published
February 12, 2025 Record updated