CVEbaza.plCWE DictionaryCWE-239
Common Weakness Enumeration

CWE-239

Failure to Handle Incomplete Element

Category: VariantCVE: 3
Description

The product does not properly handle when a particular element is not completely specified.

CVE vulnerabilities with CWE-239 (3)
7.5
CVSS
HIGH
CVE-2025-41724

An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.

pub. 2025-10-22
7.5
CVSS
HIGH
CVE-2020-10280

The Apache server on port 80 that host the web interface is vulnerable to a DoS by spamming incomplete HTTP headers, effectively blocking the access to the dashboard.

pub. 2020-06-24
4.3
CVSS
MEDIUM
CVE-2024-29155

On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is received, the device becomes incapable of completing the pairing process. A third party can inject a second PairReqNoInputNoOutput request just after a real one, causing the pair request to be blocked.

pub. 2024-10-16
Information
ID: CWE-239
Type: Variant
Vulnerabilities: 3
MITRE CWE ↗
← CWE Dictionary