Описание
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:silabs:gecko_software_development_kit:4.3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:weston-embedded:uc-http:-:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00554
Низкий
10 Critical
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-122
CWE-787
Связанные уязвимости
CVSS3: 10
github
почти 2 года назад
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.
EPSS
Процентиль: 68%
0.00554
Низкий
10 Critical
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-122
CWE-787