76 matches found
CVE-2023-28391
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-27882
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-24585
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...
CVE-2023-25181
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...
Memory corruption
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
Memory corruption
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
Memory corruption
A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-25181
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-25181
CVE-2023-25181 is a heap-based buffer overflow in the HTTP Server of Weston Embedded uC-HTTP v3.01.01. Talos confirms a specially crafted network packet can trigger an integer underflow in Protocol Version parsing, leading to arbitrary code execution. Vulnerable versions include Weston Embedded u...
CVE-2023-24585
CVE-2023-24585 affects Weston Embedded uC-HTTP v3.01.01, specifically the HTTP Server functionality. The vulnerability is an out-of-bounds write that occurs while parsing an HTTP request method, which can lead to memory corruption (including heap corruption). An attacker can trigger this by sendi...
CVE-2023-28391
CVE-2023-28391 : Talos reports a memory corruption vulnerability in Weston Embedded uC-HTTP v3.01.01’s HTTP Server header parsing. A crafted network packet can trigger a one-byte NULL overwrite during header value length handling, which, via heap corruption in uC-LIB Mem_DynPool, may allow an att...
CVE-2023-28391
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-25181
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-27882
Talos advisory TALOS-2023-1733 documents a heap-based buffer overflow in Weston Embedded uC-HTTP server form boundary handling (v3.01.01), enabling code execution via a specially crafted network packet. Affected products/versions listed: Weston Embedded uC-HTTP v3.01.01, Cesium NET 3.07.01, Silic...
CVE-2023-28379
Cisco Talos details a normal-mode vulnerability: CVE-2023-28379 is a memory corruption in Weston Embedded uC-HTTP HTTP Server form boundary handling (uC-HTTP v3.01.01). TALOS-2023-1738 confirms the issue as a heap-based overflow when parsing the form boundary string, where the boundary length is ...
CVE-2023-28379
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-28379
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-27882
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-31247
A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2023-31247
CVE-2023-31247 concerns a memory corruption in the HTTP Server Host header parsing of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can trigger code execution. Talos confirms this as a vulnerability affecting Weston Embedded uC-HTTP v3.01.01 and related platforms (Cesium NE...