PT-2026-21427 · Zaher1307 · Tiny Web Server

Ypuluzm

Publicado

2026-02-22

Atualizado

2026-02-27

CVE-2026-2940

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Zaher1307 tiny web server versions prior to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b

Description A flaw exists in the URL Handler component of Zaher1307 tiny web server. This issue allows for an out-of-bounds write, potentially enabling remote attacks. The vulnerable code resides within the tiny web server/tiny.c file, specifically in the tiny web server/tiny.c function. The vulnerability has been publicly disclosed.

Recommendations Update Zaher1307 tiny web server to a version prior to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b.

Exploit

Correção

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-119

Identificadores relacionados

CVE-2026-2940

Produtos afetados

Tiny Web Server

PT-2026-21427 · Zaher1307 · Tiny Web Server

CVE-2026-2940

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12