CVE-2023-45318

Name of the Vulnerable Software and Affected Versions Weston Embedded uC-HTTP version 80d4004

Description A heap-based buffer overflow vulnerability exists in the HTTP Server functionality. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.

Recommendations For version 80d4004, consider disabling the HTTP Server functionality until a patch is available. Restrict access to the network to minimize the risk of exploitation. Avoid using the vulnerable version in production environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.