CVE-2025-0726

7.5 HIGH

📋 TL;DR

A denial-of-service vulnerability in Eclipse ThreadX NetX Duo's HTTP server allows attackers to exhaust file handles by sending specially crafted packets. This causes all subsequent file requests to return 404 errors until the system is restarted. Affects all systems using NetX Duo HTTP server with PUT request support enabled.

💻 Affected Systems

Products:
  • Eclipse ThreadX NetX Duo
Versions: All versions before 6.4.2
Operating Systems: Any OS running NetX Duo
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with HTTP server functionality and PUT request support enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete HTTP service disruption requiring a system reboot, potentially affecting critical embedded systems and IoT devices.

🟠 Likely Case: HTTP service becomes unavailable for file requests, disrupting web functionality until system restart.

🟢 If Mitigated: Minimal impact if PUT requests are disabled or systems are patched.

🌐 Internet-Facing: HIGH - Attackers can remotely trigger the DoS without authentication.
🏢 Internal Only: MEDIUM - Internal attackers could still disrupt services but with less impact than external attacks.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Attack requires sending specially crafted packets but no authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.4.2

Vendor Advisory: https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-pwf8-5q9w-m763

Restart Required: Yes

Instructions:

1. Update NetX Duo to version 6.4.2 or later.
2. Rebuild and redeploy your application.
3. Restart affected systems.

🔧 Temporary Workarounds

Disable PUT Request Support

Disable HTTP PUT method support in NetX Duo configuration to prevent exploitation.

# In your NetX Duo configuration, set NX_DISABLE_HTTP_PUT to true or remove PUT method support

🧯 If You Can't Patch

  • Disable HTTP PUT request support in configuration
  • Implement network filtering to block suspicious HTTP PUT requests
  • Monitor for abnormal 404 error patterns and restart services if detected

🔍 How to Verify

Check if Vulnerable:

Check the NetX Duo version: if it is below 6.4.2 and the HTTP server is built with PUT support enabled, the system is vulnerable.

Check Version:

# Check your NetX Duo library version in build configuration or source code

Verify Fix Applied:

Verify that the NetX Duo version is 6.4.2 or later, then confirm that HTTP PUT requests no longer cause subsequent file requests to return 404 errors.

📡 Detection & Monitoring

Log Indicators:

  • Sudden increase in HTTP 404 errors after PUT requests
  • File handle exhaustion warnings
  • HTTP service restart events

Network Indicators:

  • Malformed HTTP PUT packets
  • Repeated PUT requests followed by GET requests returning 404

SIEM Query:

source="http_logs" status=404 | stats count by src_ip | where count > threshold
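The log indicators above (file requests returning 404 once PUT traffic has been seen, for every client, not just the sender) can be checked directly against access logs. The following is an added example, not part of the advisory or of NetX Duo, and assumes a constructed, simplified log format of `timestamp client_ip method path status`.

```python
"""Flag the PUT-then-404 pattern in simplified HTTP access logs."""
import re

# Constructed sample log (not real traffic): ts src_ip method path status.
# Three PUTs from one client are followed by 404s for *every* client's GETs.
SAMPLE_LOG = """\
1000 10.0.0.5 GET /index.html 200
1001 10.0.0.5 GET /logo.png 200
1002 198.51.100.7 PUT /upload.bin 200
1003 198.51.100.7 PUT /upload.bin 200
1004 198.51.100.7 PUT /upload.bin 200
1005 10.0.0.5 GET /index.html 404
1006 10.0.0.9 GET /style.css 404
1007 10.0.0.5 GET /logo.png 404
"""

LINE_RE = re.compile(r"^(\d+) (\S+) (GET|PUT|POST|HEAD|DELETE) (\S+) (\d{3})$")


def parse(log_text):
    """Yield (ts, ip, method, path, status) tuples, skipping unparsable lines."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts, ip, method, path, status = m.groups()
            yield int(ts), ip, method, path, int(status)


def detect_put_then_404(log_text, min_gets=3, min_404_ratio=0.5):
    """For each client that issued PUTs, compare the 404 ratio of GETs (from all
    clients, since the exhaustion is server-wide) before and after its first PUT.
    Returns one finding per PUT source whose 'after' ratio jumps above the threshold."""
    events = list(parse(log_text))
    first_put = {}
    for ts, ip, method, _, _ in events:
        if method == "PUT" and ip not in first_put:
            first_put[ip] = ts
    findings = []
    for ip, t0 in first_put.items():
        before = [s for ts, _, m, _, s in events if m == "GET" and ts < t0]
        after = [s for ts, _, m, _, s in events if m == "GET" and ts > t0]
        puts = sum(1 for _, i, m, _, _ in events if i == ip and m == "PUT")
        ratio_before = sum(s == 404 for s in before) / len(before) if before else 0.0
        ratio_after = sum(s == 404 for s in after) / len(after) if after else 0.0
        if len(after) >= min_gets and ratio_after >= min_404_ratio and ratio_after > ratio_before:
            findings.append({"src_ip": ip, "put_count": puts,
                             "get_404_ratio_before": ratio_before,
                             "get_404_ratio_after": ratio_after})
    return findings


if __name__ == "__main__":
    for f in detect_put_then_404(SAMPLE_LOG):
        print(f)
```

A finding means file serving degraded for all clients right after a client's PUTs, which is the signature this advisory describes; a restart of the HTTP server is the documented recovery.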
