CVE-2024-50595

Medium CVSS: 4.3

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.This vulnerability affects the NetX Duo Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\http\nxd_http_server.c

Vendor

Product

X-cube-azrt-h7rs

CWE

CWE-191

Yayın Tarihi

2025-04-02 14:15:43

Güncelleme

2025-11-03 20:16:37

Source Identifier

talos-cna@cisco.com

KEV Date Added

Kategoriler

CWE-191 X-cube-azrt-h7rs MEDIUM St 2025

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2102 https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2102

Benzer Kayıtlar

Medium

CVE-2024-50596

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRT…

Medium

CVE-2024-50597

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRT…

High

CVE-2024-45064

A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZ…

Medium

CVE-2024-50384

A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZ…

Medium

CVE-2024-50385

A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZ…

Medium

CVE-2024-50594

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRT…