CVE-2025-51495

HIGH

Mongoose 7.5-7.17 - Integer Overflow in WebSocket Component

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-51495. PoCs published by cainiao159357.

AI-analyzed exploit summary: The repository provides a detailed technical analysis of an integer overflow vulnerability in Mongoose v7.17's WebSocket module, specifically in the mg_ws_cb function. It includes a description of the root cause, crash demonstration, and PoC modifications to trigger the vulnerability.

Description

An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 through 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow.

Exploits (1)

nomisec WRITEUP
by cainiao159357 · poc
https://github.com/cainiao159357/CVE-2025-51495

Classification: Writeup 90%
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: Mongoose v7.17
No auth needed
Prerequisites: Network access to the target WebSocket server · Ability to send crafted WebSocket packets
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 7.5
EPSS 0.0039
EPSS Percentile 30.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE CWE-190
Status published
Products (1)
cesanta/mongoose 7.5 - 7.17
Published Sep 29, 2025
Tracked Since Feb 18, 2026