Vulnerabilities > CVE-2021-26530 - Out-of-bounds Write vulnerability in Cesanta Mongoose 7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
HIGH Summary
The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 (compiled with OpenSSL support) is vulnerable to remote OOB write attack via connection request after exhausting memory pool.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |