Submission #755450: Cesanta Mongoose Embedded Web Server 7.20 Improper Validation of Specified Index, Position, or Offset in I

Information

Title: Cesanta Mongoose Embedded Web Server 7.20 Improper Validation of Specified Index, Position, or Offset in I

Description: The built-in TCP/IP stack (MIP) in Mongoose accepts TCP RST packets without validating the source IP address or the sequence number, allowing an attacker to terminate arbitrary TCP sessions. The getpeer() function in /src/net_builtin.c matches incoming TCP segments to existing connections using only the port pair (source port, destination port), ignoring the source IP address entirely. Once a connection is matched, the rx_tcp() function immediately terminates the connection upon seeing the RST flag, without checking whether the segment's sequence number falls within the valid receive window. This violates RFC 5961 (Improving TCP's Robustness to Blind In-Window Attacks) and allows any host on the network to terminate arbitrary TCP connections by sending a single forged RST packet with the correct port pair and any source IP or sequence number.

Source: https://github.com/dwBruijn/CVEs/blob/main/Mongoose/tcp_rst.md

User: dwbruijn (UID 93926)

Submitted: 10/02/2026 06:28 PM (2 months ago)

Moderation: 22/02/2026 08:57 AM (12 days later)

Status: Approved

VulDB Entry: 347334 [Cesanta Mongoose up to 7.20 TCP Sequence Number /src/net_builtin.c getpeer denial of service]

Points: 20
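As an added illustration (not Mongoose's code and not part of the submission), the C sketch below shows the two checks the description says are missing: a connection lookup on the full 4-tuple rather than the port pair alone, and RFC 5961 handling of RST sequence numbers (reset only when SEG.SEQ equals RCV.NXT, challenge ACK for other in-window values, drop otherwise). The struct layouts, field names and the lookup/classify_rst/rx_rst functions are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed model of a TCP connection; not Mongoose's own struct. */
struct conn {
  uint32_t rem_ip, loc_ip;        /* addresses, network byte order */
  uint16_t rem_port, loc_port;
  uint32_t rcv_nxt;               /* next sequence number we expect */
  uint32_t rcv_wnd;               /* receive window size */
  int closed;
};

/* Fields of an incoming segment that RST handling needs. */
struct seg {
  uint32_t src_ip, dst_ip;
  uint16_t src_port, dst_port;
  uint32_t seq;
  uint8_t flags;                  /* 0x04 = RST */
};

enum rst_action { RST_NO_CONN = -1, RST_DROP = 0, RST_CHALLENGE_ACK, RST_ACCEPT };

/* Match on the full 4-tuple. Matching only the port pair, as the report
 * describes for getpeer(), lets a segment from any source IP hit this connection. */
static struct conn *lookup(struct conn *tab, int n, const struct seg *s) {
  for (int i = 0; i < n; i++)
    if (tab[i].rem_ip == s->src_ip && tab[i].loc_ip == s->dst_ip &&
        tab[i].rem_port == s->src_port && tab[i].loc_port == s->dst_port)
      return &tab[i];
  return NULL;
}

/* RFC 5961 section 3.2: reset only when SEG.SEQ == RCV.NXT; an in-window
 * sequence number gets a challenge ACK; anything outside the window is dropped. */
enum rst_action classify_rst(const struct conn *c, uint32_t seq) {
  if (seq == c->rcv_nxt) return RST_ACCEPT;
  if (seq - c->rcv_nxt < c->rcv_wnd) return RST_CHALLENGE_ACK;  /* modular distance */
  return RST_DROP;
}

/* Process one RST-carrying segment against the connection table. */
enum rst_action rx_rst(struct conn *tab, int n, const struct seg *s) {
  if (!(s->flags & 0x04)) return RST_DROP;
  struct conn *c = lookup(tab, n, s);
  if (c == NULL) return RST_NO_CONN;
  enum rst_action a = classify_rst(c, s->seq);
  if (a == RST_ACCEPT) c->closed = 1;
  return a;
}
```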
