High
CVSS 7.5
Overview
In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before
version 6.4.2, an attacker can cause an integer underflow and a
subsequent denial of service by writing a very large file, by specially
crafted packets with Content-Length smaller than the data request size. A
possible workaround is to disable HTTP PUT support.