cve/CVE-2024-34694.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio 6100550298 Update CVE sources 2024-06-22 09:37

2024-06-22 09:37:59 +00:00

925 B

Raw Permalink Blame History

CVE-2024-34694

Description

LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. This vulnerability is fixed in 0.12.6.

POC

Reference

https://github.com/lnbits/lnbits/security/advisories/GHSA-3j4h-h3fp-vwww

Github

No PoCs found on GitHub currently.

925 B Raw Permalink Blame History

CVE-2024-34694

Description

POC

Reference

Github

925 B

Raw Permalink Blame History