CVE-2023-31247

9.0 CRITICAL

📋 TL;DR

A memory corruption vulnerability in Weston Embedded uC-HTTP v3.01.01's HTTP Server Host header parsing allows remote code execution via specially crafted network packets. This affects systems running the vulnerable version of uC-HTTP server software, potentially enabling attackers to take control of affected devices.

💻 Affected Systems

Products:
  • Weston Embedded uC-HTTP
Versions: v3.01.01
Operating Systems: Any OS running uC-HTTP v3.01.01
Default Config Vulnerable: ⚠️ Yes
Notes: Any system using the vulnerable HTTP server component with network exposure is affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with attacker gaining full control over the device, potentially leading to data theft, lateral movement, or persistent backdoor installation.

🟠 Likely Case

Remote code execution allowing attackers to run arbitrary commands on vulnerable systems, potentially leading to service disruption or data exfiltration.

🟢 If Mitigated

Denial of service or system instability if exploitation attempts are blocked or fail, but no code execution occurs.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires network access to the HTTP server but no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v3.01.02 or later

Vendor Advisory: https://www.weston-embedded.com/security-advisories

Restart Required: Yes

Instructions:

1. Download the latest uC-HTTP version from Weston Embedded.
2. Replace the vulnerable files with the patched version.
3. Recompile the application if using source.
4. Restart the HTTP service or reboot the system.

🔧 Temporary Workarounds

Network Segmentation

Restrict network access to uC-HTTP servers using firewalls or network ACLs.

Input Validation

Place a proxy or WAF in front of uC-HTTP to validate and sanitize Host headers before they reach the server.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate vulnerable systems
  • Deploy a web application firewall (WAF) with Host header validation rules
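
One way a fronting proxy could apply the Host header validation described above, shown as an added example that is not vendor or uC-HTTP code. The function name, the 255-byte limit and the accepted host[:port] grammar are assumptions; the advisory does not say which malformation triggers the bug, so the check rejects anything that is not a plain, bounded host value.

```python
import re

MAX_HOST_LEN = 255  # assumed policy limit; DNS names top out at 253 bytes

# host[:port], where host is a DNS name, IPv4 literal or bracketed IPv6 literal
_HOST_RE = re.compile(
    rb"(?:\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?)(?::\d{1,5})?"
)

def host_header_findings(raw_request: bytes) -> list[str]:
    """Return reasons to reject the request; an empty list means Host passed."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    hosts = []
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            hosts.append(value.strip(b" \t"))
    if not hosts:
        return ["missing Host header"]
    findings = ["duplicate Host header"] if len(hosts) > 1 else []
    for host in hosts:
        if len(host) > MAX_HOST_LEN:  # length check first, before any parsing
            findings.append(f"Host value too long ({len(host)} bytes)")
        elif not _HOST_RE.fullmatch(host):
            findings.append("Host value is not host[:port]")
    return findings

# Constructed sample requests (not captured traffic)
SAMPLES = {
    "ok": b"GET / HTTP/1.1\r\nHost: device.example:8080\r\n\r\n",
    "long": b"GET / HTTP/1.1\r\nHost: " + b"A" * 1024 + b"\r\n\r\n",
    "bad_chars": b"GET / HTTP/1.1\r\nHost: dev ice\x00.example\r\n\r\n",
    "duplicate": b"GET / HTTP/1.1\r\nHost: a.example\r\nHost: b.example\r\n\r\n",
    "missing": b"GET / HTTP/1.1\r\nAccept: */*\r\n\r\n",
}

if __name__ == "__main__":
    for label, request in SAMPLES.items():
        print(label, host_header_findings(request))
```

A non-empty result is a reason for the proxy to answer 400 itself and log the request, so the value never reaches the uC-HTTP parser.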

🔍 How to Verify

Check if Vulnerable:

Check uC-HTTP version in application configuration or by examining binary/library versions

Check Version:

Check application configuration files or use system package manager commands specific to your deployment

Verify Fix Applied:

Verify uC-HTTP version is v3.01.02 or later and test HTTP server functionality

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTTP requests with malformed Host headers
  • HTTP server crashes or abnormal termination

Network Indicators:

  • HTTP packets with unusually long or malformed Host headers
  • Multiple rapid connection attempts to HTTP port

SIEM Query:

http.method=* AND http.host CONTAINS suspicious_pattern OR http.server="uC-HTTP/3.01.01"
