Eclipse ThreadX NetX Duo
cpe:2.3:a:eclipse:threadx_netx_duo:*:*:*:*:*:*:*
- <= 6.4.2
A denial-of-service vulnerability has been identified in the HTTP server functionality of Eclipse ThreadX NetX Duo prior to version 6.4.3. The issue arises from an integer underflow that can be triggered by specially crafted HTTP PUT requests. An attacker can set the Content-Length header so that the reported length does not match the amount of data actually sent, causing the server to write an excessively large file. This, in turn, can exhaust file system resources and cause a denial of service.
Exploitation of this vulnerability can lead to a denial-of-service condition by causing excessive consumption of file system resources, potentially filling up available storage and disrupting normal operations.
To reproduce this vulnerability, send an HTTP PUT request whose Content-Length header is smaller than the amount of body data transmitted in the packets that follow. The server processes the request and the integer underflow allows a very large file to be written, which can consume all available file system resources.
Users should update to Eclipse ThreadX NetX Duo version 6.4.3 or later, where this vulnerability has been patched. As a workaround, developers can disable HTTP PUT support in their application.
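The length accounting the advisory describes, as an added illustration in C that is not NetX Duo's own code: a hypothetical unchecked remaining-byte counter beside a checked one, fed with constructed packet sizes (the function names, the upload cap and the sample inputs are assumptions).

```c
#include <stdint.h>
#include <stddef.h>

/* Minimal model of HTTP PUT body accounting (added illustration, not NetX
 * Duo's code). content_length is the parsed Content-Length value; each entry
 * of packet_lens is the number of body bytes that arrived in one packet.
 * Both functions return how many bytes the server still expects afterwards;
 * the write loop only stops when that reaches 0. */

/* Vulnerable pattern: unsigned counter decremented without checking that
 * the packet fits. A packet larger than what is left wraps the counter to
 * near UINT32_MAX, so the server keeps appending body bytes to the file
 * until the file system is exhausted. */
uint32_t put_remaining_unchecked(uint32_t content_length,
                                 const uint32_t *packet_lens, size_t n)
{
    uint32_t remaining = content_length;
    for (size_t i = 0; i < n && remaining > 0; i++) {
        /* ... packet_lens[i] bytes would be written to the file here ... */
        remaining -= packet_lens[i];   /* underflows when packet > remaining */
    }
    return remaining;
}

/* Hardened pattern: refuse a declared length above the application's limit
 * and never write more than the header promised. Returns -1 when the request
 * is rejected, otherwise the remaining count (0 once the body is complete). */
int64_t put_remaining_checked(uint32_t content_length,
                              const uint32_t *packet_lens, size_t n,
                              uint32_t max_file_bytes)
{
    if (content_length > max_file_bytes)
        return -1;                     /* assumed per-application upload cap */
    uint32_t remaining = content_length;
    for (size_t i = 0; i < n && remaining > 0; i++) {
        if (packet_lens[i] > remaining)
            return -1;                 /* body exceeds Content-Length: reject */
        remaining -= packet_lens[i];   /* cannot wrap: packet <= remaining */
    }
    return (int64_t)remaining;
}

/* Constructed sample inputs: a well-formed 100-byte body split over two
 * packets, and a request that declares 100 bytes but delivers 150. */
static const uint32_t BODY_OK[]        = {60u, 40u};
static const uint32_t BODY_SHORT_HDR[] = {150u};

uint32_t demo_unchecked_ok(void)  { return put_remaining_unchecked(100u, BODY_OK, 2); }
uint32_t demo_unchecked_bad(void) { return put_remaining_unchecked(100u, BODY_SHORT_HDR, 1); }
int64_t  demo_checked_ok(void)    { return put_remaining_checked(100u, BODY_OK, 2, 1u << 20); }
int64_t  demo_checked_bad(void)   { return put_remaining_checked(100u, BODY_SHORT_HDR, 1, 1u << 20); }
```

With the mismatched request the unchecked counter wraps to 4294967246 instead of reaching 0, which is the condition under which a server keeps writing; the checked version rejects the same input before any wrap can occur.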