EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free_CVE-2026-10703

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Basic Information

ID CVE-2026-10703

Source VulDB

Published Jun 3, 2026 at 00:30

Affected Product

Vendor EIPStackGroup

Product OpENer

Version 2.0

Affected Versions EIPStackGroup OpENer 2.0
EIPStackGroup OpENer 2.1
EIPStackGroup OpENer 2.2
EIPStackGroup OpENer 2.3.0

CWE Classification

CWE-416 CWE-119

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.",
    "published": "2026-06-03T00:30:10.797Z",
    "modified": "2026-06-03T00:30:10.797Z",
    "type": "cve",
    "title": "EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/368016\nhttps://vuldb.com/vuln/368016/cti\nhttps://vuldb.com/cve/CVE-2026-10703\nhttps://vuldb.com/submit/830921\nhttps://github.com/EIPStackGroup/OpENer/issues/566\nhttps://github.com/user-attachments/files/27100961/poc.zip\nhttps://github.com/EIPStackGroup/OpENer/",
    "id": "CVE-2026-10703",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "EIPStackGroup OpENer 2.0\nEIPStackGroup OpENer 2.1\nEIPStackGroup OpENer 2.2\nEIPStackGroup OpENer 2.3.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "OpENer",
    "version": "2.0",
    "vendor": "EIPStackGroup",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}