Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet.
An attacker sends a crafted CoAP packet that causes a stack buffer overflow in the message processing function in the coap_msg.c file. The vulnerability results from insufficient validation of input data length before copying it to a fixed-size buffer (CWE-120). The exploit can be executed remotely, without authentication, and without user interaction.
An attacker can remotely execute arbitrary code on the vulnerable system (RCE) or cause its failure and denial of service (DoS). In the event of successful code execution, it is possible to take full control of the device or service using FreeCoAP.
Apply patches available from the vendor according to the references. Until the patch is applied, it is recommended to restrict network access to services using FreeCoAP using firewall or network segmentation.
Keith-Cullen FreeCoAP — versions indicated in the vendor references
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HKeith Cullen Freecoap
APPKeith-Cullen0.7
Related vulnerabilities
Null Pointer Dereference w FreeCoAP — RCE i DoS przez spreparowany pakiet CoAP
Błąd NULL pointer dereference w FreeCoAP — DoS i ujawnienie informacji
An issue in the server_handle_regular function of the test_coap_server.c file within the FreeCoAP project allo...