Contiki · Contiki Operating System · CVE-2017-7295
**Name of the Vulnerable Software and Affected Versions**
Contiki Operating System version 3.0
**Description**
A use-after-free issue exists in the httpd-simple.c file of the cc26xx-web-demo httpd, where the http state structure is not properly deallocated upon a connection close event. This results in a NULL pointer dereference in the output processing function, causing a board crash that can be exploited to perform a denial of service.
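The failure pattern described above, and the guards that contain it, as an added example. This is a simplified model written for this page, not Contiki's httpd-simple.c source; every type, function and constant name in it is hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical, simplified per-connection HTTP state; not Contiki's types. */
struct http_state { int in_use; const char *out; size_t out_len; };
struct conn { struct http_state *appstate; };

enum { EV_DATA, EV_CLOSED };
enum { RES_SENT = 0, RES_CLOSED = 1, RES_NO_STATE = -1, RES_STALE = -2 };

static struct http_state pool[2];   /* static pool, as on small embedded targets */

static struct http_state *state_alloc(void) {
  for (size_t i = 0; i < sizeof pool / sizeof pool[0]; i++)
    if (!pool[i].in_use) { pool[i].in_use = 1; return &pool[i]; }
  return NULL;
}

/* Flawed close: the slot is released and wiped, but conn->appstate still points at it. */
void close_unsafe(struct conn *c) {
  if (c->appstate) memset(c->appstate, 0, sizeof *c->appstate);
}

/* Corrected close: release the slot AND detach it from the connection. */
void close_safe(struct conn *c) {
  if (c->appstate) memset(c->appstate, 0, sizeof *c->appstate);
  c->appstate = NULL;
}

int conn_open(struct conn *c, const char *body) {
  struct http_state *s = state_alloc();
  if (!s) return RES_NO_STATE;
  s->out = body; s->out_len = strlen(body);
  c->appstate = s;
  return 0;
}

/* Hardened event handler: validates the state before output processing touches it. */
int handle_event(struct conn *c, int ev, char *tx, size_t tx_cap) {
  struct http_state *s = c->appstate;
  if (s == NULL) return RES_NO_STATE;                 /* detached: nothing to do */
  if (!s->in_use || s->out == NULL) return RES_STALE; /* released slot: never dereference */
  if (ev == EV_CLOSED) { close_safe(c); return RES_CLOSED; }
  size_t n = s->out_len < tx_cap ? s->out_len : tx_cap;
  memcpy(tx, s->out, n);                              /* output processing */
  return RES_SENT;
}
```

Without the two checks at the top of `handle_event`, an event arriving after `close_unsafe` would pass a NULL `out` pointer to `memcpy`, which on a board without memory protection shows up as a crash and reset.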
**Recommendations**
For Contiki Operating System version 3.0, as a temporary workaround, consider disabling the httpd-simple.c module until a patch is available. Restrict access to the cc26xx-web-demo httpd to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.