VYPR

CWE-239

Failure to Handle Incomplete Element

VariantDraft

Description

The product does not properly handle when a particular element is not completely specified.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (2)

  • CVE-2025-41724HigOct 22, 2025
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.

  • CVE-2024-29155MedOct 16, 2024
    risk 0.28cvss 4.3epss 0.00

    On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is received, the device becomes incapable of completing the pairing process. A third party can inject a second PairReqNoInputNoOutput request just after a real one, causing the pair…