CVE-2024-57435 Information

Feb 01, 2025 cve

Description

In macrozheng mall-tiny 1.0.1 an attacker can send null data through the resource creation interface resulting in a null pointer dereference occurring in all subsequent operations that require authentication which triggers a denial-of-service attack and service restart failure.

Reference

https://github.com/peccc/restful_vul/blob/main/mall_tiny_dos/mall_tiny_dos.md

Share on: