CVE-2024-50384

2 Abr 2025

Jose Alexis Correa Valencia
0 Comentarios

Título es

CVE-2024-50384

Mié, 02/04/2025 – 14:15

Tipo

CWE-459

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-50384

Descripción en

A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects X-CUBE-AZRTOS-F7 NetX Duo Web Component HTTP server v 1.1.0. This HTTP server implementation is contained in this file – x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\web\nx_web_http_server.c

02/04/2025

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2097

Enviar en el boletín

Off

CVE-2024-50384

CVE-2024-50384

Jose Alexis Correa Valencia