CVE-2025-15247: Heap-based Buffer Overflow in gmg137 snap7-rs
A vulnerability was identified in gmg137 snap7-rs up to 153d3e8c16decd7271e2a5b2e3da4d6f68589424. Affected by this issue is the function snap7_rs::client::S7Client::download of the file client.rs. Such manipulation leads to heap-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.
CVE-2025-15247: Heap-based Buffer Overflow in gmg137 snap7-rs
Description
A vulnerability was identified in gmg137 snap7-rs up to 153d3e8c16decd7271e2a5b2e3da4d6f68589424. Affected by this issue is the function snap7_rs::client::S7Client::download of the file client.rs. Such manipulation leads to heap-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-12-29T08:36:50.869Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 6953c28471a94549f1c2b202
Added to database: 12/30/2025, 12:16:04 PM
Last updated: 12/30/2025, 1:26:12 PM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-15248: Cross Site Scripting in sunhailin12315 product-review 商品评价系统
MediumCVE-2025-14426: CWE-862 Missing Authorization in wpchill Strong Testimonials
Medium8 Cybersecurity Acquisitions Surpassed $1 Billion Mark in 2025
MediumCVE-2024-35655: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Brave Brave Popup Builder
MediumCVE-2025-15246: Deserialization in aizuda snail-job
MediumActions
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.