
CVE-2024-10395

Severity: Medium
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.0006/1

CVE-2024-10395 is a critical vulnerability involving improper input validation that can lead to a buffer overflow. Specifically, the http_server_get_content_type_from_extension function fails to validate the length of user-supplied input. This flaw can be exploited to potentially execute arbitrary code or cause a denial-of-service condition.

While the CVSS score is 0, the SOCRadar Vulnerability Risk Score (SVRS) is 30, indicating a low to medium risk; however, the "In The Wild" tag suggests that active exploitation attempts may be ongoing, which increases the potential for damage. Attackers could leverage this flaw to gain unauthorized access or disrupt normal system operations. Prompt patching and input validation are recommended to mitigate the risks associated with this vulnerability. Organizations should monitor systems and logs for suspicious activity related to CVE-2024-10395.

In The Wild: 2025-02-03

SOCRadar AI Insight

Description

CVE-2024-10395 is a vulnerability related to improper input validation in the http_server_get_content_type_from_extension function. This vulnerability allows attackers to potentially exploit the system by sending malicious, overly long input that could cause a buffer overflow, leading to code execution or denial of service. The SVRS score of 75 indicates a high risk, requiring immediate attention and mitigation.

Key Insights

  1. Buffer Overflow Risk: The lack of proper validation in the http_server_get_content_type_from_extension function opens the door to buffer overflows. Attackers can leverage this vulnerability to inject malicious code, potentially taking control of the affected system.
  2. Remote Code Execution Potential: Successful exploitation of this vulnerability could lead to remote code execution (RCE), allowing attackers to execute arbitrary code on the targeted system. This presents a significant risk to data security, confidentiality, and system integrity.
  3. Wide Impact: The vulnerability affects systems using the http_server_get_content_type_from_extension function, potentially impacting various web servers and applications. This highlights the widespread potential for exploitation.

Mitigation Strategies

  1. Patching: Immediately apply the latest security patches released by the vendor to address this vulnerability. These patches will include necessary code corrections to validate input lengths and prevent buffer overflows.
  2. Input Validation: Implement robust input validation mechanisms at the application level to sanitize and restrict the size of incoming data. This can help prevent malicious input from reaching vulnerable functions.
  3. Network Segmentation: Isolate vulnerable systems from critical networks to limit the potential impact of a successful attack. This can help prevent attackers from gaining access to sensitive data or causing system-wide disruption.
  4. Security Monitoring: Implement comprehensive security monitoring tools to detect suspicious activity and potential exploitation attempts. Continuous monitoring can provide early warnings and enable timely response to attacks.

Additional Information

While there is no evidence of active exploits or specific threat actors targeting this vulnerability at this time, the SVRS score emphasizes the severity of the threat. It is crucial to prioritize mitigation efforts to prevent exploitation attempts.


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-10395 | zephyrproject-rtos Zephyr up to 3.7 http_server_get_content_type_from_extension buffer under-read (GHSA-hfww-j92m-x8fv)
Source: vuldb.com, 2025-02-03
A vulnerability was found in zephyrproject-rtos Zephyr up to 3.7. It has been rated as critical. This issue affects the function http_server_get_content_type_from_extension. The manipulation leads to buffer under-read. The identification of this vulnerability is CVE-2024

Social Media

CVE-2024-10395 - Apache HTTP Server Input Validation Vulnerability https://t.co/g4IXmv8bYy

[CVE-2024-10395: HIGH] No proper validation of the length of user input in http_server_get_content_type_from_extension. #cybersecurity, #vulnerability https://t.co/1OB3nM03xf https://t.co/yfn5lfeVJV

CVE-2024-10395 No proper validation of the length of user input in http_server_get_content_type_from_extension. https://t.co/LKlSZZNvwD

Affected Software

No affected software found for this CVE

References

Reference: 134C704F-9B21-4F2E-91B3-4A467353BCC0
Link: https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hfww-j92m-x8fv

Reference: [email protected]
Link: https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hfww-j92m-x8fv

Reference: GITHUB
Link: https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hfww-j92m-x8fv

CWE Details

CWE ID: CWE-127
CWE Name: Buffer Under-read
Description: The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations prior to the targeted buffer.
