Sales Chat - Click Here

Integer overflow vulnerability in OpenSSL’s crypto/mdc2/mdc2dgst.c

Mar 13, 2023

Integer overflow vulnerability in the MDC2_Update function in OpenSSL's crypto/mdc2/mdc2dgst.c (CVE-2016-6303)

Summary

This issue is being investigated by Buffalo Engineering.

Vulnerability ID Vulnerability Overview
CVE-2016-6303 Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.

Affected Supported TeraStations

TS5010/3020/3010
Pending

TS5020/3030
Please upgrade to firmware version v3.0.0 or later
 

Back to Security Notices

Date Description
3/10/2022 Initial release
05/01/2026 Update


Back to Security Notices

X