Description
A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-02-23
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Impairment of source verification in TCP sequence handling allowing remote exploitation
Action: Update Immediately
AI Analysis

Impact

The vulnerability resides in the getpeer function of src/net_builtin.c, the built-in TCP/IP stack of Cesanta Mongoose, in its handling of TCP sequence numbers. A remote attacker who can send traffic to the affected listener may have the source of a communication channel accepted without proper verification (CWE-940), so that a segment from a host other than the real peer is attributed to an existing connection. The published CVSS vectors score the impact as availability only (C:N/I:N/A:L in v3.x, VC:N/VI:N/VA:L in v4.0); no confidentiality or integrity impact is claimed. The flaw can be triggered remotely, carries a high attack-complexity rating and is reported as difficult to exploit, yet a proof of concept has been publicly disclosed and could be used in real-world attacks.
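As an added illustration of the weakness class involved (CWE-940, improper verification of the source of a communication channel) in a built-in TCP stack, the C program below is not Mongoose's code and does not reproduce the actual defect in getpeer(), which the advisory does not describe. It contrasts a connection lookup keyed on the port pair alone with one that checks the full 4-tuple and the receive window. The struct and function names (demux_weak, demux_strict, run_case) and all addresses, ports and sequence numbers are constructed for the example.

```c
/* Added example (not Mongoose's code): a toy TCP segment demultiplexer
 * showing the CWE-940 pattern in a built-in TCP stack, beside a hardened
 * version. It does not reproduce the actual defect in getpeer(), which the
 * advisory does not detail; it shows what a reviewer checks: which fields
 * of an incoming segment decide that it belongs to an existing connection. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IP4(a, b, c, d) \
  (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

struct conn {
  uint32_t loc_ip, rem_ip;     /* IPv4, host byte order, for brevity */
  uint16_t loc_port, rem_port;
  uint32_t rcv_nxt;            /* next sequence number expected from the peer */
  uint32_t rcv_wnd;            /* advertised receive window */
  bool listening;
};

struct seg {                   /* the fields of an incoming TCP segment we use */
  uint32_t src_ip, dst_ip;
  uint16_t src_port, dst_port;
  uint32_t seq;
  bool rst;
};

enum verdict { NO_CONN = 0, OUT_OF_WINDOW = 1, ACCEPT = 2 };

/* Weak lookup: an established connection is selected by port pair alone.
 * Any host that guesses the ports is treated as the real peer, and the
 * sequence number is never compared against the receive window. */
enum verdict demux_weak(struct conn *tbl, size_t n, const struct seg *s, struct conn **out) {
  for (size_t i = 0; i < n; i++) {
    if (tbl[i].listening) continue;
    if (tbl[i].loc_port == s->dst_port && tbl[i].rem_port == s->src_port) {
      *out = &tbl[i];
      return ACCEPT;
    }
  }
  return NO_CONN;
}

/* Hardened lookup: full 4-tuple match, then the RFC 793 acceptability test
 * rcv_nxt <= seq < rcv_nxt + rcv_wnd, computed modulo 2^32 so it survives
 * sequence-number wrap. (RFC 5961 tightens RST handling beyond this.) */
enum verdict demux_strict(struct conn *tbl, size_t n, const struct seg *s, struct conn **out) {
  for (size_t i = 0; i < n; i++) {
    struct conn *c = &tbl[i];
    if (c->listening) continue;
    if (c->loc_ip != s->dst_ip || c->loc_port != s->dst_port) continue;
    if (c->rem_ip != s->src_ip || c->rem_port != s->src_port) continue;
    if ((uint32_t)(s->seq - c->rcv_nxt) >= c->rcv_wnd) return OUT_OF_WINDOW;
    *out = c;
    return ACCEPT;
  }
  return NO_CONN;
}

/* Constructed fixture: one listener on :8080 and one established connection
 * with peer 10.0.0.5:40000 that expects sequence number 1000 next. */
size_t make_table(struct conn tbl[2]) {
  tbl[0] = (struct conn){.loc_ip = IP4(10, 0, 0, 1), .loc_port = 8080, .listening = true};
  tbl[1] = (struct conn){.loc_ip = IP4(10, 0, 0, 1), .rem_ip = IP4(10, 0, 0, 5),
                         .loc_port = 8080, .rem_port = 40000,
                         .rcv_nxt = 1000, .rcv_wnd = 65535};
  return 2;
}

/* Constructed segments: 0 = in-window data from the real peer; 1 = RST from
 * an off-path host that guessed the port pair; 2 = old segment from the real
 * peer whose seq lies outside the receive window. */
struct seg make_segment(int which) {
  struct seg s = {.src_ip = IP4(10, 0, 0, 5), .dst_ip = IP4(10, 0, 0, 1),
                  .src_port = 40000, .dst_port = 8080, .seq = 1000, .rst = false};
  if (which == 1) { s.src_ip = IP4(192, 168, 1, 9); s.seq = 5; s.rst = true; }
  if (which == 2) s.seq = 1000 + 70000;
  return s;
}

/* Run one constructed case through either demultiplexer and return its verdict. */
enum verdict run_case(bool strict, int which) {
  struct conn tbl[2], *c = NULL;
  size_t n = make_table(tbl);
  struct seg s = make_segment(which);
  return strict ? demux_strict(tbl, n, &s, &c) : demux_weak(tbl, n, &s, &c);
}

int main(void) {
  const char *name[] = {"legit", "spoofed-rst", "stale"};
  for (int w = 0; w < 3; w++)
    printf("%-12s weak=%d strict=%d\n", name[w], run_case(false, w), run_case(true, w));
  return 0;
}
```

Compile with any C99 compiler and run. The point to carry into a review of a real built-in stack is the second line of output: the weak demultiplexer accepts the off-path RST (verdict 2), so any host that guesses a port pair could tear down a session, an availability outcome of the kind the CVSS vectors on this page score (A:L / VA:L); the strict one rejects it (0) and separately flags the stale in-tuple segment as out of window (1).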

Affected Systems

Cesanta Mongoose versions up to and including 7.20 are affected. The vulnerable code is in src/net_builtin.c, Mongoose's built-in TCP/IP stack, which is compiled in only for builds that enable it (MG_ENABLE_TCPIP, typically bare-metal and RTOS targets driving a raw network interface); deployments that run Mongoose over an operating-system socket API do not exercise this file. No fixed version or patch information is available from the vendor, and the vendor has not responded to the disclosure.

Risk and Exploitability

The 6.3 score shown above is the CVSS 4.0 base score; the CVSS 3.1 vector on this page (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) scores 3.7, Low, and the SSVC decision points list Exploitation: poc, Automatable: no and Technical Impact: partial. The EPSS rating of <1% suggests a low probability of exploitation in recent data, and the vulnerability is not listed in the CISA KEV catalog. It is reachable over the network without privileges or user interaction (AV:N/PR:N/UI:N), so any host that can send TCP traffic to the affected listener is a potential attacker. The high attack complexity reduces the likelihood of immediate widespread exploitation, but the public proof of concept, the lack of vendor response and the absence of a published fix warrant proactive monitoring and preparation for remediation.

Generated by OpenCVE AI on April 17, 2026 at 16:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Cesanta Mongoose to a release that the vendor identifies as containing a fix. As of this entry no fixed version has been published, so do not assume that every version above 7.20 is patched.
  • If an upgrade is not immediately possible, restrict which hosts can reach the Mongoose listener (network segmentation or an allow-list on an upstream firewall), since exploitation requires sending TCP traffic to the affected endpoint (AV:N). This narrows the set of sources whose segments the built-in stack must attribute to connections but does not remove the flaw.
  • Continuously monitor vendor advisories and security bulletins for an official patch, and apply it as soon as it becomes available.


Advisories

No advisories yet.

History

Mon, 23 Feb 2026 14:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc
                           {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 23 Feb 2026 03:30:00 +0000

Type                 Values Removed   Values Added
Description                           A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title                                 Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source
First Time appeared                   Cesanta
                                      Cesanta mongoose
Weaknesses                            CWE-940
CPEs                                  cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
Vendors & Products                    Cesanta
                                      Cesanta mongoose
References
Metrics                               cvssV2_0
                                      {'score': 2.6, 'vector': 'AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}
                                      cvssV3_0
                                      {'score': 3.7, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}
                                      cvssV3_1
                                      {'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}
                                      cvssV4_0
                                      {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T13:32:57.830Z

Reserved: 2026-02-22T07:57:28.584Z

Link: CVE-2026-2967

Vulnrichment

Updated: 2026-02-23T13:32:51.789Z

NVD

Status: Analyzed

Published: 2026-02-23T04:16:02.040

Modified: 2026-02-23T20:17:44.177

Link: CVE-2026-2967

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T16:30:05Z

Weaknesses