CVE-2024-42385

Improper Neutralization of Delimiters in Mongoose Web Server library

CVSS 4 MEDIUMEPSS 0.1%CWE-140

Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters.

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H

Produtos afetados

Cesanta · Mongoose Web Server

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42385