CVE-2024-22087

Published January 5th, 2024

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

1

PROJECT

Description

route in main.c in Pico HTTP Server in C through f3b69a6 has an sprintf stack-based buffer overflow via a long URI, leading to remote code execution.

This is a very simple HTTP server for Unix, using fork(). It's very easy to use.

GitHub

107