CVE-2025-55763
Published: 29 August 2025
Summary
CVE-2025-55763 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in CivetWeb (vendor: Civetweb Project). Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 12.6% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
CivetWeb versions 1.14 through 1.16 contain a buffer overflow vulnerability in the URI parser, tracked as CVE-2025-55763. The flaw is triggered during HTTP request processing and is classified under CWE-121, with a CVSS 3.1 score of 7.5 reflecting network-accessible attack conditions that require no authentication or user interaction.
A remote attacker can send a specially crafted HTTP request to exploit the issue, resulting in heap memory corruption that may cause a denial of service or enable arbitrary code execution. The vulnerability affects any deployment accepting untrusted requests through the affected CivetWeb versions.
EPSS for this CVE rose from a low baseline to a peak of 0.0581 on 2026-03-26 before receding to the current value of 0.0325, indicating a period of increased exploitation interest after disclosure. The provided references point to the CivetWeb repository and a dedicated CVE disclosure repository but contain no explicit mitigation guidance.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-26228
Vulnerability details
Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HTTP request. This vulnerability is triggered during request processing and may allow an attacker to corrupt heap memory, potentially leading to denial of service or arbitrary code execution.
- CWE(s): CWE-121 (Stack-based Buffer Overflow)
Related Threats
MITRE ATT&CK Enterprise Techniques
- Exploit Public-Facing Application (T1190)
Why these techniques?
Buffer overflow in CivetWeb URI parser enables remote code execution via crafted HTTP requests to an Internet-facing web server.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.