IpMatcher 1.0.4.1 Server-Side Request Forgery

Discussion in 'News Aggregator' started by Packet Storm, 17 May 2022.

  1. Packet Storm

    Packet Storm Guest

    IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to indeterminate server-side request forgery, local file inclusion, remote file inclusion, and denial of service vectors.

    Continue reading...
     

Share This Page

Loading...