Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cesanta Mongoose MQTT Message Parsing Heap Overflow
Vulnerability Description
Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not appear to be vulnerable. This issue is resolved in version 7.11.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
Cesanta Mongoose 缓冲区错误漏洞
Vulnerability Description
Cesanta Mongoose是爱尔兰Cesanta公司的一套嵌入式服务器库,它包括TCP、HTTP客户端和服务器、WenSocket客户端和服务器等功能。 Cesanta Mongoose 7.11 版本存在安全漏洞,该漏洞源于没有验证带有可变长度标头的 MQTT_CMD_PUBLISH 解析消息的长度。
CVSS Information
N/A
Vulnerability Type
N/A