Cesanta security advisories
5 threat alerts tracking vulnerabilities and security advisories that affect Cesanta products.
Vulnios continuously monitors Cesanta CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent Cesanta security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2017-2892 — cesanta — mongoose
An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory
critical CVE-2017-2892
Critical Vulnerability: CVE-2017-2891 — cesanta — mongoose
An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8. An ordinary HTTP POST request with a CGI target can cause a reuse of previously freed poin
critical CVE-2017-2891
Critical Vulnerability: CVE-2017-2921 — cesanta — mongoose
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a
critical CVE-2017-2921
Critical Vulnerability: CVE-2017-2922 — cesanta — mongoose
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while le
critical CVE-2017-2922
Critical Vulnerability: CVE-2017-2894 — cesanta — mongoose
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow
critical CVE-2017-2894