CVE-2025-55763
Last modified
CVE-2025-55763 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution.. EPSS estimates a 1.12% chance of exploitation in the next 30 days.
Description
Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Civetweb Project | Civetweb | >= 1.14, <= 1.16 |
References
- https://github.com/krispybyte/CVE-2025-55763Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-55763?
How severe is CVE-2025-55763?
How do I fix CVE-2025-55763?
Are you affected by CVE-2025-55763?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST