ГлавнаяУязвимости → CVE-2023-45318
10критическая

CVE-2023-45318

Описание

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.

Затрагиваемое ПО
Silabs Gecko software development kitWeston-embedded Uc-http
CVSS
Балл10 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Источники
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1843https://talosintelligence.com/vulnerability_reports/TALOS-2023-1843https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1843