CVE-2022-24942
published 2022-11-15CVE-2022-24942: Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request.
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.86%
76.6th percentile
Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| silabs.com | gecko_platform | < 4.1.1.0 | 4.1.1.0 |
| silabs | micrium_uc-http | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000KlMPOQA3?operationContext=S1https://github.com/SiliconLabs/gecko_sdk/blame/v4.1.1/platform/micrium_os/net/source/http/server/http_server_req.chttps://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000KlMPOQA3?operationContext=S1https://github.com/SiliconLabs/gecko_sdk/blame/v4.1.1/platform/micrium_os/net/source/http/server/http_server_req.c
2022-11-15
Published