CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-24942 – Heap-based buffer overflow in MicriumOS HTTP Server allows potential remote code execution
https://notcve.org/view.php?id=CVE-2022-24942
Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request. Desbordamiento del búfer basado en el montón en la funcionalidad del servidor HTTP en Micrium uC-HTTP 3.01.01 permite la ejecución remota de código a través de una solicitud HTTP. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000KlMPOQA3?operationContext=S1 https://github.com/SiliconLabs/gecko_sdk/blame/v4.1.1/platform/micrium_os/net/source/http/server/http_server_req.c • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13582
https://notcve.org/view.php?id=CVE-2020-13582
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio en la funcionalidad del HTTP Server de Micrium uC-HTTP versión 3.01.00. Una petición HTTP especialmente diseñada puede causar una denegación de servicio. • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1193 • CWE-476: NULL Pointer Dereference CWE-690: Unchecked Return Value to NULL Pointer Dereference •