CVE-2024-50595

CVE-2024-50595 is a vulnerability in STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0 where an integer underflow in the NetX Duo HTTP server PUT handling can trigger denial of service. Specifically, in the NetX Duo Component HTTP Server (nx_http_server.c), processing of HTTP PUT requests can lead to an ...

CVE-2024-50597

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects t...

CVE-2024-50596

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects t...

CVE-2024-50596

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects t...

CVE-2024-50597

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects t...

CVE-2024-50597

STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0 contains an integer underflow in the NetX Duo HTTP Server PUT handling (xnd_http_server.c). In _nx_web_http_server_put_process, the Content-Length is compared against the received data; if mismatched, a large write can be triggered, potentially leading to...

CVE-2024-50596

CVE-2024-50596 concerns STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. The NetX Duo Web Component HTTP Server (nx_web_http_server.c) has an integer underflow in the HTTP PUT path that can cause a denial of service by writing an excessively large file. TALOS-2024-2103 documents the vulnerability in th...

STMicroelectronics X-CUBE-AZRTOS-WL 数字错误漏洞

STMicroelectronics X-CUBE-AZRTOS-WL is an Azure RTOS-based development kit for STM32 microcontrollers from STMicroelectronics, Switzerland. A numeric error vulnerability exists in STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0, which stems from an integer overflow in the PUT request function o...

STMicroelectronics X-CUBE-AZRTOS-WL 安全漏洞

STMicroelectronics X-CUBE-AZRTOS-WL is an Azure RTOS-based development kit for STM32 microcontrollers from STMicroelectronics, Switzerland. A security vulnerability exists in STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0, which originates from a denial of service in the HTTP server...

STMicroelectronics X-CUBE-AZRTOS-WL 安全漏洞

STMicroelectronics X-CUBE-AZRTOS-WL is an Azure RTOS-based development kit for STM32 microcontrollers from STMicroelectronics, Switzerland. A security vulnerability exists in STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0, which originates from a denial of service in the HTTP server...

PT-2025-14503 · Netx Duo +1 · Netx Duo +1

Name of the Vulnerable Software and Affected Versions: STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0 Description: An integer underflow issue exists in the HTTP server's PUT request functionality, which can lead to denial of service. This is due to the NetX Duo Component HTTP Server...

PT-2025-14505 · Stmicroelectronics · Stmicroelectronics X-Cube-Azrtos-Wl

Name of the Vulnerable Software and Affected Versions: STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0 Description: An integer underflow issue exists in the HTTP server's PUT request functionality, which can be triggered by a specially crafted network packet, leading to denial of service. This...

PT-2025-14501 · Stmicroelectronics · X-Cube-Azrtos-Wl +1

Name of the Vulnerable Software and Affected Versions: STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0 STMicroelectronics X-CUBE-AZRTOS-F7 NetX Duo Component HTTP Server version 1.1.0 Description: A denial of service issue exists in the NetX Component HTTP server functionality. This can be...

PT-2025-14500 · Stmicroelectronics · Stmicroelectronics X-Cube-Azrtos-Wl +1

Name of the Vulnerable Software and Affected Versions: STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0 STMicroelectronics X-CUBE-AZRTOS-F7 NetX Duo Web Component HTTP server version 1.1.0 Description: A denial of service issue exists in the NetX Component HTTP server functionality. This can be...

PT-2025-14504 · Stmicroelectronics +1 · X-Cube-Azrtos-Wl +1

Name of the Vulnerable Software and Affected Versions: STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0 Description: An integer underflow vulnerability exists in the HTTP server PUT request functionality. A specially crafted network packet can lead to denial of service. This issue affects the Ne...

STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2103 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability April 2, 2025 CVE Number CVE-2024-50596,CVE-2024-50597 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of...

STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server chunked PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2102 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server chunked PUT request integer underflow vulnerability April 2, 2025 CVE Number CVE-2024-50594,CVE-2024-50595 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of...

Brocade Fabric OS Remote Code Execution / Information Disclosure

Brocade Fabric OS versions prior to 9.2.2 suffer from 10 vulnerabilities including, but not limited to, remote code execution, information disclosure, man-in-the-middle, weak cryptography, and hardcoded key vulnerabilities. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Titl...

PT-2025-14621 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue is related to a remote code execution vulnerability. No specific details about the estimated number of potentially affected devices worldwide or real-world incidents...

PT-2025-14615 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns unvalidated user input in the Apache HTTP Server. No specific details about the estimated number of potentially affected devices or real-world incidents are...