PT-2022-19350 · Unknown · Small Http Server

Published

2022-04-29

Updated

2022-05-10

CVE-2022-28994

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Small HTTP Server version 3.06

Description The issue is a remote buffer overflow vulnerability that can be triggered via a long GET request.

Recommendations For Small HTTP Server version 3.06, consider restricting access to the server or limiting the length of GET requests as a temporary mitigation measure until a patch is available.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2022-28994

Affected Products

Small Http Server

PT-2022-19350 · Unknown · Small Http Server

CVE-2022-28994

Weakness Enumeration

Related Identifiers

Affected Products

References · 5