CVE-2024-42385

Improper Neutralization of Delimiters in Mongoose Web Server library

CVSS 4 MEDIUMEPSS 0.1%CWE-140

Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters.

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H

Productos afectados

Cesanta · Mongoose Web Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42385