216.73.216.214

CVE-2025-2259

· Published 06/04/2025 19:15 · Modified 06/04/2025 19:15

Labels: CVE-2025-2259 2025-04-06CVE-2025-2259CWE-191[email protected]

Essential information

Published
06/04/2025 19:15
Modified
06/04/2025 19:15
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one packet smaller than the data request size of the other packet. A possible workaround is to disable HTTP PUT support. This issue follows an incomplete fix of CVE-2025-0727

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References