CVE-2017-2893
An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoos
An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability.
HIGH · CVSS 7.5
EPSS 0.05265
Act now
- EPSS percentile: top 10% of all CVEs by exploitation likelihood
- Public exploit or PoC is available
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0