Shodan
Vulnerabilities
Vulnerable Software
Weston-Embedded:  Security Vulnerabilities
CVE-2023-38562
A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted set of network packets can lead to memory corruption, potentially resulting in code execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.
CVSS Score
8.7
EPSS Score
0.003
Published
2024-02-20
CVE-2023-39540
A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet.
CVSS Score
5.9
EPSS Score
0.002
Published
2024-02-20
CVE-2023-39541
A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv6 ICMPv6 packet.
CVSS Score
5.9
EPSS Score
0.002
Published
2024-02-20
CVE-2023-45318
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
10.0
EPSS Score
0.004
Published
2024-02-20
CVE-2023-31247
A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.003
Published
2023-11-14
CVE-2023-27882
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.003
Published
2023-11-14
CVE-2023-28379
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.002
Published
2023-11-14
CVE-2023-28391
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.003
Published
2023-11-14
CVE-2023-24585
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
CVSS Score
7.7
EPSS Score
0.002
Published
2023-11-14
CVE-2023-25181
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.002
Published
2023-11-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved