CVE-2025-0727

Name of the Vulnerable Software and Affected Versions Eclipse ThreadX NetX Duo versions prior to 6.4.2

Description The issue allows an attacker to cause an integer underflow and a subsequent denial of service by writing a very large file or by sending specially crafted packets with Content-Length in one packet smaller than the data request size of the other packet.

Recommendations For versions prior to 6.4.2, consider disabling HTTP PUT support as a temporary workaround until a patch is available. Update to version 6.4.2 or later to resolve the issue.