7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)False Positive:
A heap-based buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose. The vulnerability is due to insufficient input validation when processing MQTT messages within the parse mqtt method. To trigger this vulnerability, an attacker must send a specially crafted MQTT packet over the network. Successful exploitation results in remote code execution or denial of service conditions of the application.