STMicroelectronics X-CUBE-AZRTOS-WL Integer Underflow Vulnerability in HTTP Server PUT Request

Vulnerability

A denial-of-service vulnerability due to an integer underflow has been identified in the HTTP server's PUT request handling within STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0. This vulnerability arises in the NetX Duo Web Component HTTP Server implementation, where a specially crafted network packet can cause a significant disruption by consuming all available file system resources. The issue occurs when the server processes the 'Content-Length' header of an HTTP PUT request, allowing an attacker to write an excessively large file that exhausts file system capacity.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition by causing the device to run out of available file system resources, potentially disrupting normal operations or causing applications to fail.

Reproduction

To reproduce this vulnerability, send an HTTP PUT request to a server running STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. Include a 'Content-Length' header value that is smaller than the actual size of the data being sent. The server will process the request, leading to an integer underflow that allows an excessive amount of data to be written to the file system.
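As an added illustration of the flaw class (hypothetical code, not NetX Duo's or the vendor's), the accounting below shows how an unsigned "bytes remaining" value wraps once the data received exceeds the declared Content-Length, beside the bounds check that stops the write before storage is exhausted; FS_CAPACITY and the packet sizes are constructed values.

```c
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical PUT body accounting illustrating the advisory's flaw class;
 * this is not NetX Duo's code. The handler tracks the body bytes still
 * expected as "declared Content-Length minus bytes received", and unsigned
 * subtraction wraps once the peer has sent more than it declared. */

enum put_status { PUT_OK = 0, PUT_REJECTED = -1, PUT_FS_EXHAUSTED = -2 };
#define FS_CAPACITY 4096u   /* constructed device storage capacity, bytes */

/* Vulnerable accounting: no range check, so received > content_length
 * yields a huge "remaining" and the handler keeps writing packets. */
size_t remaining_unchecked(size_t content_length, size_t received)
{
    return content_length - received;
}

/* Hardened accounting: stop as soon as the peer exceeds its declared length. */
bool remaining_checked(size_t content_length, size_t received, size_t *remaining)
{
    if (received > content_length) { *remaining = 0; return false; }
    *remaining = content_length - received;
    return true;
}

/* Simulates a PUT whose body arrives as up to max_packets packets of
 * `chunk` bytes; *written counts the bytes committed to storage. */
enum put_status simulate_put(bool hardened, size_t content_length,
                             size_t chunk, size_t max_packets, size_t *written)
{
    size_t received = 0, remaining = content_length;
    *written = 0;
    for (size_t i = 0; i < max_packets && remaining > 0; i++) {
        /* Hardened path: reject before an oversized packet reaches storage. */
        if (hardened && chunk > remaining)
            return PUT_REJECTED;          /* caller discards the partial file */
        *written += chunk;                /* the whole packet is written out */
        if (*written > FS_CAPACITY)
            return PUT_FS_EXHAUSTED;      /* the denial of service in the advisory */
        received += chunk;
        if (!hardened)
            remaining = remaining_unchecked(content_length, received);
        else if (!remaining_checked(content_length, received, &remaining))
            return PUT_REJECTED;          /* defence in depth; unreachable after the pre-check */
    }
    return PUT_OK;
}
```

With a declared length of 100 and 60-byte packets, the unchecked path wraps after the second packet and writes until FS_CAPACITY is exceeded, while the checked path rejects the second packet having stored only 60 bytes.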

Remediation

Users can update to the patched version released by STMicroelectronics to address this vulnerability.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.7
remediation: 0.0
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.