CVE-2025-55085
Web http client: Unchecked Server-Side Malicious Packet Issue
In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Eclipse Foundation · NetX DuoQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →