mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
795 B
795 B
CVE-2018-6849
Description
In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.
POC
Reference
- https://voidsec.com/vpn-leak/
- https://voidsec.com/vpn-leak/
- https://www.exploit-db.com/exploits/44403/
- https://www.exploit-db.com/exploits/44403/
Github
No PoCs found on GitHub currently.