mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 03:02:30 +00:00
867 B
867 B
CVE-2023-2905
Description
Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not appear to be vulnerable. This issue is resolved in version 7.11.
POC
Reference
Github
No PoCs found on GitHub currently.