CVE-2024-57435 | THREATINT

Description

In macrozheng mall-tiny 1.0.1, an attacker can send null data through the resource creation interface resulting in a null pointer dereference occurring in all subsequent operations that require authentication, which triggers a denial-of-service attack and service restart failure.

PUBLISHED Reserved 2025-01-09 | Published 2025-01-31 | Updated 2025-02-03 | Assigner mitre

References

github.com/...l_vul/blob/main/mall_tiny_dos/mall_tiny_dos.md exploit

github.com/...l_vul/blob/main/mall_tiny_dos/mall_tiny_dos.md

cve.org (CVE-2024-57435)

nvd.nist.gov (CVE-2024-57435)

Download JSON