diff --git a/CHANGELOG b/CHANGELOG
index 3e805dad..5425c90a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -274,6 +274,10 @@ HISTORY
 
   ++ Bugfixes:
 
+  2015-09-30: Simon Goldschmidt
+  * ip4_addr.c: fixed bug #46072: ip4addr_aton() does not check the number range
+    of all address parts
+
   2015-08-28: Simon Goldschmidt
   * tcp.c, tcp_in.c: fixed bug #44023: TCP ssthresh value is unclear: ssthresh
     is set to the full send window for active open, too, and is updated once
diff --git a/src/core/ipv4/ip4_addr.c b/src/core/ipv4/ip4_addr.c
index c87c10d4..31b737c2 100644
--- a/src/core/ipv4/ip4_addr.c
+++ b/src/core/ipv4/ip4_addr.c
@@ -230,6 +230,9 @@ ip4addr_aton(const char *cp, ip4_addr_t *addr)
     if (val > 0xffffffUL) {
       return 0;
     }
+    if (parts[0] > 0xff) {
+      return 0;
+    }
     val |= parts[0] << 24;
     break;
 
@@ -237,6 +240,9 @@ ip4addr_aton(const char *cp, ip4_addr_t *addr)
     if (val > 0xffff) {
       return 0;
     }
+    if ((parts[0] > 0xff) || (parts[1] > 0xff)) {
+      return 0;
+    }
     val |= (parts[0] << 24) | (parts[1] << 16);
     break;
 
@@ -244,6 +250,9 @@ ip4addr_aton(const char *cp, ip4_addr_t *addr)
     if (val > 0xff) {
       return 0;
     }
+    if ((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xff)) {
+      return 0;
+    }
     val |= (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8);
     break;
   default: