DIBT-CVE 20260601-0003 Unchecked input for loop condition (CWE-606) in the SNMP agent (MEDIUM)

  • Classification: CWE-606 Unchecked input for loop condition
  • Severity: Medium

Description

Unchecked input for loop condition (CWE-606) in the SNMP agent in Loytec LIP-ME201C 8.4.16 on LINX-A64 allows an unauthenticated remote attacker to cause persistent denial of service (CPU exhaustion) via a crafted SNMP GETNEXT request with a large OID component.

The issue has been reported as CVE-2026-55731.

Impact

Denial of service to the SNMP database.

Mitigation

Upgrade to firmware version 8.4.18.