CVE-2017-2921
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-2921
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An attacker needs to send a specially crafted websocket packet over network to trigger this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cesanta Mongoose 数字错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cesanta Mongoose是爱尔兰Cesanta公司的一套嵌入式服务器库,它包括TCP、HTTP客户端和服务器、WenSocket客户端和服务器等功能。Websocket protocol是其中的一个Websocket通信协议。 Cesanta Mongoose 6.8版本中的Websocket protocol实现存在整数溢出漏洞。远程攻击者可通过发送特制的websocket数据包利用该漏洞造成拒绝服务或执行代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2017-2921
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-2921
Please Login to view more intelligence information
Same Patch Batch · Cesanta · 2017-11-07 · 8 CVEs total
| CVE-2017-2891 | Cesanta Mongoose 安全漏洞 | |
| CVE-2017-2892 | Cesanta Mongoose 数字错误漏洞 | |
| CVE-2017-2893 | Cesanta Mongoose 安全漏洞 | |
| CVE-2017-2894 | Cesanta Mongoose 缓冲区错误漏洞 | |
| CVE-2017-2895 | Cesanta Mongoose 数字错误漏洞 | |
| CVE-2017-2909 | Cesanta Mongoose 安全漏洞 | |
| CVE-2017-2922 | Cesanta Mongoose 安全漏洞 |
IV. Related Vulnerabilities
Same product: Mongoose
- CVE-2026-6986
Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_ - CVE-2026-6985
Cesanta Mongoose TCP Option net_builtin.c handle_opt infinit - CVE-2026-5246
Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_c - CVE-2026-5245
Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record s - CVE-2026-5244
Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-ba
Same vendor: Cesanta
- CVE-2026-6986
Cesanta Mongoose GCM Authentication Tag tls_aes128.c mg_aes_ - CVE-2026-6985
Cesanta Mongoose TCP Option net_builtin.c handle_opt infinit - CVE-2026-5246
Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_c - CVE-2026-5245
Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record s - CVE-2026-5244
Cesanta Mongoose TLS 1.3 mongoose.c mg_tls_recv_cert heap-ba
V. Comments for CVE-2017-2921
No comments yet