Sales Chat - Click Here

OpenSSL Vulnerabilities

Nov 20, 2025
Vulnerability ID Vulnerability Overview
CVE-2025-9232 An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the no_proxy environment variable is configured and the host portion of the HTTP URL is an IPv6 address. This improper boundary check can crash the application, resulting in a denial of service.
CVE-2025-53020 A flaw exists in how certain operations handle the lifecycle of allocated memory. Memory may be released later than intended, creating a window where stale memory persists past its effective lifetime. An attacker could potentially exploit this late release behavior to trigger a denial of service condition through continuous memory consumption.


Affected Supported TeraStations

TS7010
Vulnerability is patched from firmware version 2.00

TS5020 and TS3030 

LS700
Vulnerability is patched from firmware version 2.02
 

Back to Security Notices

Date Description
11/20/2025 Initial release
12/10/2025 Update


Back to Security Notices

X