01642 06 11 11 Arrange Call

Remote OOB Write Vulnerability in Cesanta Mongoose HTTP Server 7.0

CVE-2021-26528 · CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CVE-2021-26528

The mg_http_serve_file function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via connection request after exhausting memory pool.

Learn more about our Cis Benchmark Audit For Server Software.