PT-2026-5341 · Monkey · Monkeyd
Published
2026-01-29
·
Updated
2026-02-03
·
CVE-2025-63655
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Monkey versions prior to commit f37e984
Description
A flaw exists in the
mk http range parse function located in mk server/mk http.c that can lead to a Denial of Service (DoS). This occurs when a specially crafted HTTP request is sent to the server, causing a NULL pointer dereference. The vulnerable function is mk http range parse().Recommendations
Update to commit f37e984 or later to address this issue.
Exploit
Fix
DoS
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Monkeyd