Vulnerabilities > CVE-2019-12951 - Out-Of-Bounds Write vulnerability in Cesanta Mongoose

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
cesanta
CWE-787

Summary

An issue was discovered in Mongoose before 6.15. The parse_mqtt() function in mg_mqtt.c has a critical heap-based buffer overflow.

Common Weakness Enumeration (CWE)