Volerion logoVolerion
Volerion logoVolerion

ttttupup wxhelper Heap-Based Buffer Overflow Vulnerability

Vulnerability

A heap-based buffer overflow vulnerability has been identified in ttttupup wxhelper versions through 3.9.10.19-v1. This out-of-bounds write vulnerability is located in the 'src/modules' directory, within the file 'mongoose.C'. The issue arises because the wxhelper version of the file was cloned from the original mongoose repository but did not receive an important security patch. The vulnerability can be exploited by manipulating the variable length header in the MQTT protocol, leading to potential memory corruption.

Impact

Exploitation of this vulnerability allows for a heap-based buffer overflow, which can commonly lead to arbitrary code execution or memory corruption.

Remediation

Users can update to the latest version of ttttupup wxhelper, where this vulnerability has been fixed. The patch applied in the official repository can be referenced in the GitHub pull request #515.

Added: Jan 27, 2026, 9:20 AM
Updated: Jan 27, 2026, 3:19 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
1.9
exploitability
7.4
remediation
0.0
relevance
2.5
threat
0.0
urgency
10.0
incentive
4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.