CVE-2023-28391

Name of the Vulnerable Software and Affected Versions Weston Embedded uC-HTTP version 3.01.01

Description A memory corruption issue exists in the HTTP Server header parsing functionality. This can be exploited by sending specially crafted network packets, potentially leading to code execution. An attacker can trigger this issue by sending a malicious packet.

Recommendations For version 3.01.01, consider disabling the HTTP Server header parsing functionality until a patch is available. Restrict access to the HTTP server to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.