7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)False Positive:
A stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose. The vulnerability is due to insufficient input validation when processing MQTT SUBSCRIBE messages within mg mqtt broker handle subscribe method. To trigger this vulnerability, an attacker must send a specially crafted MQTT packet over the network. Successful exploitation results in remote code execution or denial of service conditions of the application.