Cisco Blogs

Vulnerability Spotlight: Multiple Vulnerabilities in Cesanta Mongoose Server

- October 31, 2017 - 0 Comments

These vulnerabilities were discovered by Aleksandar Nikolic of Cisco Talos

Today, Talos is disclosing several vulnerabilities that have been identified in Cesanta Mongoose server.

Cesanta Mongoose is a library implementing a number of networking protocols, including HTTP, MQTT, MDNS and others. It is designed with embedded devices in mind and as such is used in many IoT devices and runs on virtually all popular IoT platforms. The small size of the software enables any Internet-connected device to function as a web server. Mongoose is available under GPL v2 and commercial licenses.

All discovered vulnerabilities are fixed in version 6.10 of the library.


Leave a comment

We'd love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed and HTML formatting will not appear.