CVE-2023-27882

Name of the Vulnerable Software and Affected Versions Weston Embedded uC-HTTP version 3.01.01

Description A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality. This issue can be triggered by a specially crafted network packet, potentially leading to code execution. An attacker can exploit this by sending a malicious packet.

Recommendations For version 3.01.01, consider disabling the HTTP Server form boundary functionality until a patch is available to prevent potential code execution. Restrict access to the HTTP Server to minimize the risk of exploitation. Avoid using the vulnerable functionality in the HTTP Server form boundary until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.