Description
A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle_mdns_record of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been made public and could be used. Upgrading to version 7.21 will fix this issue. The patch is named 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Published: 2026-04-02
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow (CWE-121) was found in the handle_mdns_record function in mongoose.c of the Cesanta Mongoose library. A crafted mDNS record delivered through the handler's buf argument overruns a fixed-size stack buffer. The page classifies the impact as remote code execution, which is the worst case for a stack overflow in C code; note, however, that the recorded CVSS vectors rate confidentiality, integrity and availability impact as low and the SSVC assessment records the technical impact as partial, so reliable code execution is not established by the data on this page.
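
The page does not show the faulty code in handle_mdns_record, so the following is an added, illustrative example and not Mongoose's code: a minimal decoder for DNS-style labels (the name encoding mDNS records use) that copies each label into what the caller intends to be a 64-byte stack buffer without checking the remaining space, next to a bounds-checked version that rejects any record that would not fit. The function names, the NAME_MAX size and the sample records are constructed for this example; the unsafe decoder is exercised through a heap buffer with a canary after the first 64 bytes so the overrun can be observed without crashing the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Size of the fixed stack buffer the hypothetical record handler decodes into. */
#define NAME_MAX 64

/* Vulnerable shape (CWE-121, illustrative only): decodes DNS-style labels
 * (length byte, label bytes, 0 terminates) into out, assuming out is a
 * NAME_MAX-byte stack buffer but never checking it. Input bounds are
 * validated; output bounds are not. Returns bytes written incl. NUL, -1 if malformed. */
int decode_name_unsafe(const uint8_t *rec, size_t rec_len, char *out) {
  size_t i = 0, o = 0; int terminated = 0;
  while (i < rec_len) {
    uint8_t len = rec[i++];
    if (len == 0) { terminated = 1; break; }
    if (len > 63 || i + len > rec_len) return -1;
    if (o > 0) out[o++] = '.';
    memcpy(out + o, rec + i, len); /* no check against NAME_MAX: overruns the stack */
    o += len; i += len;
  }
  if (!terminated) return -1;
  out[o++] = '\0';
  return (int) o;
}

/* Hardened: same decoding, but every write is checked against the
 * caller-supplied out_len and the record is rejected if it would not fit. */
int decode_name_safe(const uint8_t *rec, size_t rec_len, char *out, size_t out_len) {
  size_t i = 0, o = 0; int terminated = 0;
  if (out_len == 0) return -1;
  while (i < rec_len) {
    uint8_t len = rec[i++];
    if (len == 0) { terminated = 1; break; }
    if (len > 63 || i + len > rec_len) return -1;
    size_t need = (o > 0 ? 1 : 0) + len + 1; /* separator, label, NUL */
    if (need > out_len - o) return -1;        /* would overflow: fail closed */
    if (o > 0) out[o++] = '.';
    memcpy(out + o, rec + i, len);
    o += len; i += len;
  }
  if (!terminated) return -1;
  out[o++] = '\0';
  return (int) o;
}

/* Constructed sample record (not captured traffic): "_http._tcp.local". */
static const uint8_t kBenign[] = {5, '_', 'h', 't', 't', 'p', 4, '_', 't', 'c', 'p',
                                  5, 'l', 'o', 'c', 'a', 'l', 0};

/* Two legal labels (40 + 30 bytes) whose joined form is 72 bytes with the
 * NUL, more than NAME_MAX. Writes into rec, returns the record length. */
static size_t build_overlong_record(uint8_t rec[80]) {
  size_t n = 0;
  rec[n++] = 40; memset(rec + n, 'a', 40); n += 40;
  rec[n++] = 30; memset(rec + n, 'b', 30); n += 30;
  rec[n++] = 0;
  return n;
}

/* Both decoders agree on the well-formed record: returns 1 on success. */
int benign_roundtrip_matches(void) {
  char a[NAME_MAX], b[NAME_MAX];
  int na = decode_name_unsafe(kBenign, sizeof kBenign, a);
  int nb = decode_name_safe(kBenign, sizeof kBenign, b, sizeof b);
  return na == 17 && nb == 17 && strcmp(a, "_http._tcp.local") == 0 && strcmp(a, b) == 0;
}

/* Runs the unsafe decoder on the over-long record through a heap buffer
 * with a canary after the first NAME_MAX bytes, so the overrun is observable
 * without corrupting this program's stack. Returns 1 if the canary was hit. */
int unsafe_decoder_clobbers_canary(void) {
  uint8_t rec[80];
  size_t n = build_overlong_record(rec);
  unsigned char *buf = malloc(NAME_MAX + 16);
  if (buf == NULL) return -1;
  memset(buf + NAME_MAX, 0xCC, 16);
  decode_name_unsafe(rec, n, (char *) buf);
  int clobbered = buf[NAME_MAX] != 0xCC;
  free(buf);
  return clobbered;
}

/* The hardened decoder refuses the same record: returns -1. */
int safe_decoder_rejects_overlong(void) {
  uint8_t rec[80];
  char name[NAME_MAX];
  size_t n = build_overlong_record(rec);
  return decode_name_safe(rec, n, name, sizeof name);
}

int main(void) {
  printf("benign record decodes identically: %d\n", benign_roundtrip_matches());
  printf("unsafe decoder clobbers canary:    %d\n", unsafe_decoder_clobbers_canary());
  printf("safe decoder on over-long record:  %d\n", safe_decoder_rejects_overlong());
  return 0;
}
```

Compile with `cc -std=c99 -Wall` and run: the unsafe decoder overwrites the canary while the hardened one returns -1 for the same record. The general lesson for any record parser is to bound every write by the destination's remaining capacity rather than by the input's self-declared lengths, and to fail closed on records that do not fit.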

Affected Systems

Any deployment using Cesanta Mongoose version 7.20 or earlier is vulnerable; the affected code is the mDNS record handler, so builds that process mDNS traffic are the ones exposed. Mongoose is a single-file embedded networking library (mongoose.c/mongoose.h), so vulnerable copies are typically vendored into firmware and network applications rather than installed as a system package. Cesanta fixed the issue in version 7.21; the fix is commit 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1.

Risk and Exploitability

The CVSS v4.0 score of 6.3 (v3.1: 5.6) classifies the vulnerability as medium severity, reflecting high attack complexity (AC:H) together with low-rated impact metrics. EPSS is below 1% and the issue is not listed in CISA's KEV catalog. A public exploit exists, though the attack requires precise packet manipulation and is rated difficult. Remote exploitation needs no privileges or user interaction, only the ability to deliver mDNS packets (UDP port 5353, normally link-local multicast) to the device, so real-world exposure depends mainly on which network segments can reach the service; the complexity makes widespread abuse less likely.

Generated by OpenCVE AI on April 2, 2026 at 11:20 UTC.

Remediation

Fixed upstream in Cesanta Mongoose 7.21 (commit 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1); upgrade the affected component. No vendor workaround is listed.

OpenCVE Recommended Actions

  • Upgrade Cesanta Mongoose to version 7.21 or later to apply the security fix.
  • Verify that the deployed library version is actually the patched release, including copies of mongoose.c/mongoose.h vendored into firmware and application trees, where the version is compiled in rather than tracked by a package manager.
  • If an upgrade is not immediately possible, restrict mDNS traffic (UDP port 5353, link-local multicast to 224.0.0.251 and ff02::fb) to trusted network segments, drop it on untrusted interfaces and at routed boundaries, and monitor for malformed or unusually large mDNS packets.
  • Regularly check Cesanta’s release notes and security advisories for future updates.
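
A build-time gate for the version check above, as an added example and not Cesanta's code: it assumes that the vendored mongoose.h defines MG_VERSION as a "major.minor" string (the fallback define below stands in for a stale copy when this file is compiled on its own), parses it, and refuses to proceed if the version predates 7.21. The function names, the FIXED_* macros and the fallback value are constructed for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumption: mongoose.h defines MG_VERSION as a "major.minor" string.
 * Include mongoose.h before this block in a real build; the fallback
 * models an un-patched vendored copy for stand-alone compilation. */
#ifndef MG_VERSION
#define MG_VERSION "7.20"
#endif

/* First release carrying the handle_mdns_record fix (from the advisory). */
#define FIXED_MAJOR 7
#define FIXED_MINOR 21

/* Parses "major.minor"; anything after the minor number (e.g. "-rc1") is
 * ignored. Returns 0 on success, -1 if the string is not of that shape. */
int parse_mg_version(const char *s, int *major, int *minor) {
  char *end;
  long a, b;
  if (s == NULL || *s == '\0') return -1;
  a = strtol(s, &end, 10);
  if (end == s || *end != '.') return -1;
  s = end + 1;
  b = strtol(s, &end, 10);
  if (end == s || a < 0 || b < 0) return -1;
  *major = (int) a;
  *minor = (int) b;
  return 0;
}

/* 1 if the version is 7.21 or later, 0 if it is vulnerable,
 * -1 if the string could not be parsed (treat as not fixed). */
int mg_version_is_fixed(const char *s) {
  int major, minor;
  if (parse_mg_version(s, &major, &minor) != 0) return -1;
  if (major != FIXED_MAJOR) return major > FIXED_MAJOR;
  return minor >= FIXED_MINOR;
}

int main(void) {
  if (mg_version_is_fixed(MG_VERSION) != 1) {
    fprintf(stderr, "mongoose %s predates the 7.21 fix for CVE-2026-5245 "
                    "(or could not be parsed); refusing to continue\n", MG_VERSION);
    return 1;
  }
  printf("mongoose %s: fix for CVE-2026-5245 present\n", MG_VERSION);
  return 0;
}
```

Wire the check into CI or a firmware build step so that a stale vendored mongoose.h fails the build instead of shipping; an unparsable version string is treated as not fixed on purpose.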

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 15:15:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Apr 2026 09:30:00 +0000

Values Removed: (none; this is the initial record, so every field below is an addition)

Type: Description
Values Added: A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle_mdns_record of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been made public and could be used. Upgrading to version 7.21 will fix this issue. The patch is named 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. You should upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Type: Title
Values Added: Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow

Type: First Time appeared
Values Added: Cesanta; Cesanta mongoose

Type: Weaknesses
Values Added: CWE-119; CWE-121

Type: CPEs
Values Added: cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added: Cesanta; Cesanta mongoose

Type: References
Values Added:

Type: Metrics
Values Added:
  cvssV2_0 {'score': 5.1, 'vector': 'AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}
  cvssV3_0 {'score': 5.6, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
  cvssV3_1 {'score': 5.6, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
  cvssV4_0 {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-02T14:27:27.092Z

Reserved: 2026-03-31T14:45:52.658Z

Link: CVE-2026-5245

Vulnrichment

Updated: 2026-04-02T14:27:17.979Z

NVD

Status : Received

Published: 2026-04-02T10:16:17.443

Modified: 2026-04-02T10:16:17.443

Link: CVE-2026-5245

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-02T20:21:35Z

Weaknesses