Vulnerabilities > CVE-2021-26529 - Out-of-bounds Write vulnerability in Cesanta Mongoose
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
HIGH Summary
The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 and 6.7-6.18 (compiled with mbedTLS support) is vulnerable to remote OOB write attack via connection request after exhausting memory pool.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 13 |