Short Name | APP:MISC:MQTT-CSNTA-RCE |
---|---|
Severity | Major |
Recommended | No |
Recommended Action | Drop |
Category | APP |
Keywords | Cesanta Mongoose 6.8 CVE-2017-2894 MQTT Remote Code Execution. |
Release Date | 2019/03/12 |
Update Number | 3149 |
Supported Platforms | srx-17.3+, srx-branch-17.4+, vsrx-15.1+, vsrx3bsd-18.2+ |

This signature detects attempts to exploit a known vulnerability in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution.

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability.