CVE-2025-0728

Name of the Vulnerable Software and Affected Versions Eclipse ThreadX NetX Duo versions prior to 6.4.2

Description The issue allows an attacker to cause an integer underflow and a subsequent denial of service by writing a very large file or by sending specially crafted packets with Content-Length smaller than the data request size.

Recommendations For versions prior to 6.4.2, consider disabling HTTP PUT support as a temporary workaround to minimize the risk of exploitation. Update to version 6.4.2 or later to resolve the issue.