CWE-239
3 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-239page 1 of 1
- CVE-2020-10280HIGHCVSS 7.5EG 7.52020-06-24
The Apache server on port 80 that host the web interface is vulnerable to a DoS by spamming incomplete HTTP headers, effectively blocking the access to the dashboard.
- CVE-2024-29155MEDIUMCVSS 4.3EG 4.32024-10-16
On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is received, the device becomes incapable of completing the pairing process. A third party can inject a second PairReqNoInputNoOutput request jus…
- CVE-2025-41724HIGHCVSS 7.5EG 7.52025-10-22
An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.
Map vulnerabilities like CWE-239 to your infrastructure
EchelonGraph correlates every CVE — across CWE-239 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →