Remote Denial of Service Vulnerability in Mongoose 6.11

Remote Denial of Service Vulnerability in Mongoose 6.11

CVE-2018-10945 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function.

Learn more about our Web Application Penetration Testing UK.