| 제목 | Cesanta Mongoose Embedded Web Server 7.20 Improper Validation of Specified Index, Position, or Offset in I |
|---|
| 설명 | The built-in TCP/IP stack (MIP) in Mongoose accepts TCP RST packets without validating the source IP address or the sequence number thus allowing an attacker to terminate arbitrary TCP sessions.
The getpeer() function in /src/net_builtin.c matches incoming TCP segments to existing connections using only the port pair (source port, destination port), ignoring the source IP address entirely. Once a connection is matched, the rx_tcp() function immediately terminates the connection upon seeing the RST flag without checking whether the segment's sequence number falls within the valid receive window. This violates RFC 5961 (Improving TCP's Robustness to Blind In-Window Attacks) and allows any host on the network to terminate arbitrary TCP connections by sending a single forged RST packet with the correct port pair and any source IP or sequence number. |
|---|
| 원천 | ⚠️ https://github.com/dwBruijn/CVEs/blob/main/Mongoose/tcp_rst.md |
|---|
| 사용자 | dwbruijn (UID 93926) |
|---|
| 제출 | 2026. 02. 10. PM 06:28 (3 개월 ago) |
|---|
| 모더레이션 | 2026. 02. 22. AM 08:57 (12 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 347334 [Cesanta Mongoose 까지 7.20 TCP Sequence Number /src/net_builtin.c getpeer 서비스 거부] |
|---|
| 포인트들 | 20 |
|---|