Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and previous versions and Mongoose OS 1.2 and previous versions allows remote malicious users to cause a denial of service (crash) via a multipart/form-data POST request without a MIME boundary string.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cesanta mongoose os |
||
cesanta mongoose embedded web server library |