Unrated severityNVD Advisory· Published Apr 6, 2025· Updated Apr 15, 2025
Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow
CVE-2025-2258
Description
In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A possible workaround is to disable HTTP PUT support.
This issue follows an uncomplete fix in CVE-2025-0728.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <6.4.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.