CNNVD-202508-3548 Information

CNNVD ID

CNNVD-202508-3548

Related CVE

CVE-2025-55763

• CNNVD Published: 2025-08-29

Description (Chinese)

CivetWeb是开源（Civetweb）的一个易于使用、功能强大、可嵌入 C/C++ 的 Web 服务器，具有可选的 CGI、SSL 和 Lua 支持。 CivetWeb 1.14至1.16版本存在安全漏洞，该漏洞源于URI解析器存在缓冲区溢出，可能导致远程代码执行。

Description (English)

CivetWeb is an easy-to-use, powerful, embedded C/C++ Web server with optional CGI, SSL and Lua support. CivetWeb 1.14-1.16 has a security loophole, which stems from the presence of a buffer zone spill, which may lead to remote code implementation.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Civetweb

Published

2025-08-29

Last Modified

2026-02-24

References

https://github.com/krispybyte/CVE-2025-55763 https://github.com/civetweb/civetweb https://nvd.nist.gov/vuln/detail/CVE-2025-55763 https://vigilance.fr/vulnerability/CivetWeb-buffer-overflow-via-URI-Parser-48213