PT-2025-27632 · Winstar · Winstar Wn572Hp3
Wei
·
Published
2025-07-02
·
Updated
2025-07-02
·
CVE-2025-45029
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
WINSTAR WN572HP3 version v230525
Description:
A heap overflow issue was discovered via the
CONTENT LENGTH variable at the "/cgi-bin/upload.cgi" API endpoint.Recommendations:
For WINSTAR WN572HP3 version v230525, consider disabling access to the "/cgi-bin/upload.cgi" API endpoint until a patch is available to prevent exploitation of the heap overflow issue. Avoid using the
CONTENT LENGTH variable in the affected API endpoint until the issue is resolved.Fix
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Winstar Wn572Hp3