Skip to main content

Swupdate

2 CVEs product

Monthly

CVE-2025-41259 HIGH PATCH This Week

Local privilege escalation in SWUpdate versions before 2026.05 allows unprivileged users to gain root or install attacker-controlled content by winning a TOCTOU race during processing of a signed update. The flaw, reported by SBA Research and tracked as EUVD-2025-210052, undermines SWUpdate's signed-update integrity model on embedded Linux devices. No public exploit identified at time of analysis, but an upstream patch is available via commit f4bd6426.

Privilege Escalation Swupdate
NVD GitHub VulDB
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-28525 HIGH PATCH This Week

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoose_multipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing. Attackers can trigger an integer underflow in the mg_http_multipart_continue_wait_for_chunk() function when the buffer length falls within a specific range, causing an out-of-bounds heap read that writes data beyond the allocated receive buffer to a local IPC socket.

Integer Overflow Denial Of Service Swupdate
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.0%
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Local privilege escalation in SWUpdate versions before 2026.05 allows unprivileged users to gain root or install attacker-controlled content by winning a TOCTOU race during processing of a signed update. The flaw, reported by SBA Research and tracked as EUVD-2025-210052, undermines SWUpdate's signed-update integrity model on embedded Linux devices. No public exploit identified at time of analysis, but an upstream patch is available via commit f4bd6426.

Privilege Escalation Swupdate
NVD GitHub VulDB
EPSS 0% CVSS 8.2
HIGH PATCH This Week

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoose_multipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing. Attackers can trigger an integer underflow in the mg_http_multipart_continue_wait_for_chunk() function when the buffer length falls within a specific range, causing an out-of-bounds heap read that writes data beyond the allocated receive buffer to a local IPC socket.

Integer Overflow Denial Of Service Swupdate
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy