CVE-2025-55763 — Stack-based Buffer Overflow in Project Civetweb

CWE-121 — Stack-based Buffer Overflow5 documents5 sources

Severity

7.5HIGHNVD

EPSS

4.6%

top 10.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Civetweb Project Civetweb

Timeline

PublishedAug 29

Description

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶Debiancivetweb_project/civetweb< 1.16+dfsg-2+deb13u1+1

▶NVDcivetweb_project/civetweb1.14 — 1.16

🔴Vulnerability Details

GHSA

GHSA-2757-2hpv-v482: Buffer Overflow in the URI parser of CivetWeb 1↗2025-08-29

▶

CVEList

CVE-2025-55763: Buffer Overflow in the URI parser of CivetWeb 1↗2025-08-29

▶

OSV

CVE-2025-55763: Buffer Overflow in the URI parser of CivetWeb 1↗2025-08-29

▶

📋Vendor Advisories

Debian

CVE-2025-55763: civetweb - Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows ...↗2025

▶