Heap overflow in InterNiche TCP/IP stack's HTTP server leads to remote code execution when sending a crafted HTTP POST request
Affected: InterNiche (NicheStack) versions before 4.3; fixed in 4.3
NicheStack (also known as the InterNiche stack) is a proprietary TCP/IP stack developed originally by InterNiche Technologies and acquired by HCC Embedded in 2016. A heap-based buffer overflow was discovered in the way the NicheStack HTTP server parses HTTP POST packets. CVE-2021-31226 occurs while the function ht_readmsg parses the Request-URI field of the request line. After checking that the packet carries a valid Content-Length header value, the parsing logic obtains a pointer to the request URI (requri) by calling ht_nextarg on the HTTP request's buffer and stores that pointer in header_struct->fi->requri. The URI is then copied with an unbounded strcpy into a fixed-size heap buffer, so a request URI longer than 52 bytes overflows the buffer and corrupts adjacent heap memory; the length of the URI is entirely attacker-controlled. Note that the HTTP server is an optional component and may be disabled or compiled out entirely.
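The following is an added illustrative model of the bug class described above, not NicheStack source: a minimal request-line parser with the unbounded strcpy pattern beside a bounds-checked replacement. The names next_arg(), store_requri_vulnerable(), store_requri_checked(), handle_request(), struct file_info and the REQURI_MAX constant are assumptions made for this example (only the 52-byte figure comes from the advisory).

```c
/* Added example (not NicheStack code): model of an unbounded request-URI copy
 * into a 52-byte heap buffer, and the bounds-checked version that rejects it.
 * next_arg(), struct file_info, REQURI_MAX and the return codes are assumptions. */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define REQURI_MAX 52  /* fixed-size destination; the advisory cites 52 bytes */

/* Stand-in for the header_struct->fi object whose requri field is overflowed. */
struct file_info {
    char requri[REQURI_MAX];
    long content_length;
};

/* Hypothetical stand-in for ht_nextarg(): skip blanks, return the next token and its length. */
static const char *next_arg(const char *p, size_t *len)
{
    while (*p == ' ' || *p == '\t')
        p++;
    const char *start = p;
    while (*p && *p != ' ' && *p != '\t' && *p != '\r' && *p != '\n')
        p++;
    *len = (size_t)(p - start);
    return start;
}

/* Locate "Content-Length:" and parse its value; -1 if absent or not a non-negative integer. */
static long content_length(const char *req)
{
    const char *h = strstr(req, "\r\nContent-Length:");
    if (!h)
        return -1;
    h += strlen("\r\nContent-Length:");
    while (*h == ' ' || *h == '\t')
        h++;
    char *end;
    long v = strtol(h, &end, 10);
    if (end == h || v < 0 || (*end != '\r' && *end != '\n'))
        return -1;
    return v;
}

/* Vulnerable pattern: unbounded strcpy of the attacker-chosen URI into the fixed
 * buffer. A NUL-terminated URI of REQURI_MAX bytes or more writes past requri.
 * Kept only to show the shape of the bug; handle_request() never calls it. */
static void store_requri_vulnerable(struct file_info *fi, const char *uri)
{
    strcpy(fi->requri, uri);
}

/* Fixed pattern: reject anything that does not fit together with its NUL terminator. */
static int store_requri_checked(struct file_info *fi, const char *uri, size_t len)
{
    if (len >= sizeof fi->requri)
        return -1;
    memcpy(fi->requri, uri, len);
    fi->requri[len] = '\0';
    return 0;
}

/* Parse "POST <uri> HTTP/1.x" plus headers into fi. Returns 0 on success,
 * -1 for a malformed request line, -2 for a missing/invalid Content-Length,
 * -3 for a URI that would overflow requri. */
static int handle_request(const char *req, struct file_info *fi)
{
    size_t mlen, ulen;
    const char *method = next_arg(req, &mlen);
    if (mlen == 0)
        return -1;
    const char *uri = next_arg(method + mlen, &ulen);
    if (ulen == 0)
        return -1;
    long cl = content_length(req);
    if (cl < 0)
        return -2;
    fi->content_length = cl;
    if (store_requri_checked(fi, uri, ulen) != 0)
        return -3;
    return 0;
}

/* Constructed test input: a POST whose URI is "/" followed by uri_len-1 'A' bytes (uri_len >= 1). */
static char *build_post(size_t uri_len)
{
    const char *tail = " HTTP/1.1\r\nContent-Length: 5\r\n\r\nhello";
    char *req = malloc(5 + uri_len + strlen(tail) + 1);
    if (!req)
        return NULL;
    memcpy(req, "POST ", 5);
    req[5] = '/';
    memset(req + 6, 'A', uri_len - 1);
    strcpy(req + 5 + uri_len, tail);
    return req;
}

int main(void)
{
    struct file_info fi = {{0}, 0};
    size_t lens[] = {11, 51, 52, 60};
    for (size_t i = 0; i < 4; i++) {
        char *req = build_post(lens[i]);
        printf("URI length %zu: handle_request -> %d\n", lens[i], handle_request(req, &fi));
        free(req);
    }
    /* The vulnerable copy is only exercised with a URI that fits; a 52+ byte URI would corrupt the heap. */
    store_requri_vulnerable(&fi, "/safe");
    printf("requri after vulnerable copy of a short URI: %s\n", fi.requri);
    return 0;
}
```

The checked variant treats the terminator as part of the required space, so a 51-byte URI is the longest accepted and 52 bytes is rejected; the advisory's "larger than 52 bytes" wording describes the same boundary from the other side of the NUL byte.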
No PoC is supplied for this issue.
If the HTTP server is not needed, disable it through the NicheStack CLI (or build the stack without it).
(JFrog) INFRA:HALT New Vulnerabilities Impacting OT and Critical Infrastructure