CVEbaza.plSłownik CWECWE-239
Common Weakness Enumeration

CWE-239

Failure to Handle Incomplete Element

Kategoria: VariantCVE: 3
Opis

Produkt nie obsługuje prawidłowo sytuacji, gdy dany element nie jest w pełni określony. Może to prowadzić do nieoczekiwanego zachowania systemu lub podatności na ataki.

Description (EN)

The product does not properly handle when a particular element is not completely specified.

Podatności CVE z CWE-239 (3)
7.5
CVSS
HIGH
CVE-2025-41724

An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.

pub. 2025-10-22
7.5
CVSS
HIGH
CVE-2020-10280

The Apache server on port 80 that host the web interface is vulnerable to a DoS by spamming incomplete HTTP headers, effectively blocking the access to the dashboard.

pub. 2020-06-24
4.3
CVSS
MEDIUM
CVE-2024-29155

On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is received, the device becomes incapable of completing the pairing process. A third party can inject a second PairReqNoInputNoOutput request just after a real one, causing the pair request to be blocked.

pub. 2024-10-16
Informacje
ID: CWE-239
Typ: Variant
Podatności: 3
MITRE CWE ↗
← Słownik CWE