CVE-2024-28214

2024-03-0704:49:57

CWE-400

naver

www.cve.org

ngrinder

delay setting

denial of service

remote attacker

cve-2024-28214

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial of Service by remote attacker.

CNA Affected

[
  {
    "vendor": "NAVER",
    "product": "nGrinder",
    "versions": [
      {
        "status": "unaffected",
        "version": "3.5.9"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

cve.naver.com/detail/cve-2024-28214.html