mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
37 lines
1.5 KiB
JSON
37 lines
1.5 KiB
JSON
{
|
|
"id": "CVE-2023-30312",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2024-05-28T22:15:11.247",
|
|
"lastModified": "2024-06-19T04:15:10.477",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An issue discovered in OpenWrt 18.06, 19.07, 21.02, 22.03, and beyond allows off-path attackers to hijack TCP sessions, which could lead to a denial of service, impersonating the client to the server (e.g., for access to files over FTP), and impersonating the server to the client (e.g., to deliver false information from a finance website). This occurs because nf_conntrack_tcp_no_window_check is true by default."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Un problema descubierto en enrutadores que ejecutan Openwrt 18.06, 19.07, 21.02, 22.03 y posteriores permite a los atacantes secuestrar sesiones TCP, lo que podr\u00eda provocar una denegaci\u00f3n de servicio."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://blog.apnic.net/2024/06/18/off-path-tcp-hijacking-in-nat-enabled-wi-fi-networks/",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://news.ycombinator.com/item?id=40723150",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://openwrt.org/docs/guide-developer/security",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.ndss-symposium.org/ndss-paper/exploiting-sequence-number-leakage-tcp-hijacking-in-nat-enabled-wi-fi-networks/",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |