Lucene search

CasaOS Gateway vulnerable to incorrect identification of source IP addresses

🗓️ 17 Jul 2023 14:09:36Reported by GoogleType

osv🔗 osv.dev👁 9 Views

CasaOS Gateway allows unauthenticated attackers to execute root command

Reporter	Title	Published	Views	Family All 13
CVE	CVE-2023-37265	17 Jul 202321:15	–	cve
Vulnrichment	CVE-2023-37265 Incorrect identification of source IP addresses in CasaOS	17 Jul 202320:59	–	vulnrichment
Prion	Design/Logic Flaw	17 Jul 202321:15	–	prion
NVD	CVE-2023-37265	17 Jul 202321:15	–	nvd
CNVD	IBM DB2 is a relational database management system from International Business Machines (IBM). The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a denial of service.	19 Jul 202300:00	–	cnvd
Cvelist	CVE-2023-37265 Incorrect identification of source IP addresses in CasaOS	17 Jul 202320:59	–	cvelist
OSV	GO-2023-1932 CasaOS Gateway vulnerable to incorrect identification of source IP addresses in github.com/IceWhaleTech/CasaOS-Gateway	20 Aug 202420:31	–	osv
OSV	CVE-2023-37265	17 Jul 202321:15	–	osv
Nuclei	CasaOS < 0.4.4 - Authentication Bypass via Internal IP	27 Jul 202309:11	–	nuclei
Veracode	Lack Of IP Address Verification	19 Jul 202302:28	–	veracode

Source	Link
github	www.github.com/IceWhaleTech/CasaOS-Gateway/security/advisories/GHSA-vjh7-5r6x-xh6g
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-37265
github	www.github.com/IceWhaleTech/CasaOS-Gateway/commit/391dd7f0f239020c46bf057cfa25f82031fc15f7
github	www.github.com/IceWhaleTech/CasaOS-Gateway
sonarsource	www.sonarsource.com/blog/security-vulnerabilities-in-casaos

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Jul 2023 14:36Current

7.8High risk

Vulners AI Score7.8

CVSS39.8

EPSS0.6237

SSVC