CVE-2024-22087
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-22087 is a newly discovered vulnerability affecting the Pico HTTP Server. The issue lies in the main.c file, where a stack-based buffer overflow can occur due to an overly long URI in the route function. This vulnerability allows remote attackers to exploit the vulnerability by sending specially crafted URI requests, resulting in arbitrary code execution on the server. Successful exploitation could potentially lead to unauthorized access, data theft, or server compromise. It is recommended that users of Pico HTTP Server apply the necessary patches or upgrades to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.