Potential Vulnerabilities (cont'd) #427 Open by archersec on Oct 4, 2025 Vul 1 Description Stack-buffer-overflow in (mk_server/mk_http.c:591). Analysis When the request URL starts with a slash and "\0", the function bypasses the check for in line 803 and calls . An attacker can construct a URL exceeding the (1024 bytes), causing a stack-buffer-overflow. Vul 2 Description Segmentation fault in (mk_server/mk_http.c:479). Analysis If the HTTP request contains a "Range" option with a specific format (e.g., ), the function results in a segmentation fault. This occurs because returns a null pointer for , which is then passed to . Attachments: monkey-poc-2.zip Note: Stack-buffer-overflow in Vul 1 may lead to Remote Code Execution.