CVE-2025-0726

Name of the Vulnerable Software and Affected Versions Eclipse ThreadX NetX Duo versions prior to 6.4.2

Description The issue is related to the NetX HTTP server functionality, where an attacker can cause a denial of service by sending specially crafted packets. This is due to a missing closing of a file in case of an error condition, resulting in a 404 error for each further file request.

Recommendations For versions prior to 6.4.2, consider disabling the PUT request support as a temporary workaround to mitigate the risk of exploitation. Update to version 6.4.2 or later to resolve the issue.