CVE-2022-24942

CVE-2022-24942 affects Micrium uC-HTTP 3.01.01’s HTTP Server. The vulnerability is a heap-based buffer overflow in the server's HTTP handling, enabling remote code execution via a crafted HTTP request over the network. According to the connected sources, the impact can be high on confidentiality,...

CVE-2020-13582

Micrium uC-HTTP 3.01.00’s HTTP Server contains a denial-of-service vulnerability due to an unchecked return value in the header-parsing path. Specifically, in the boundary parsing of multipart forms, Str_Char_N may return NULL, and the code proceeds to dereference it, causing a crash (segmentatio...