Details of VAR-202508-2727

ID

VAR-202508-2727

CVE

CVE-2025-55763

TITLE

CivetWeb project of CivetWeb Stack-based buffer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2025-013521

DESCRIPTION

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution. CivetWeb project of CivetWeb Exists in a stack-based buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2025-55763 // JVNDB: JVNDB-2025-013521

AFFECTED PRODUCTS

vendor:	civetweb	model:	civetweb	scope:	gte	version:	1.14	Trust: 1.0
vendor:	civetweb	model:	civetweb	scope:	lte	version:	1.16	Trust: 1.0
vendor:	civetweb	model:	civetweb	scope:	eq	version:	1.14 to 1.16	Trust: 0.8
vendor:	civetweb	model:	civetweb	scope:	eq	version:	-	Trust: 0.8
vendor:	civetweb	model:	civetweb	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2025-013521 // NVD: CVE-2025-55763

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-55763
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2025-013521
value:	HIGH
Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-55763
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-013521
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2025-013521 // NVD: CVE-2025-55763

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	Stack-based buffer overflow (CWE-121) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-013521 // NVD: CVE-2025-55763

EXTERNAL IDS

db:	NVD	id:	CVE-2025-55763	Trust: 2.6
db:	JVNDB	id:	JVNDB-2025-013521	Trust: 0.8

sources: JVNDB: JVNDB-2025-013521 // NVD: CVE-2025-55763

REFERENCES

url:	https://github.com/civetweb/civetweb	Trust: 1.8
url:	https://github.com/krispybyte/cve-2025-55763	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2025-55763	Trust: 0.8

sources: JVNDB: JVNDB-2025-013521 // NVD: CVE-2025-55763

SOURCES

db:	JVNDB	id:	JVNDB-2025-013521
db:	NVD	id:	CVE-2025-55763

LAST UPDATE DATE

2025-09-11T23:48:50.199000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2025-013521	date:	2025-09-10T00:54:00
db:	NVD	id:	CVE-2025-55763	date:	2025-09-09T13:57:35.233

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2025-013521	date:	2025-09-10T00:00:00
db:	NVD	id:	CVE-2025-55763	date:	2025-08-29T17:15:35.790