2 matches found
CVE-2017-12118
CVE-2017-12118 refers to a vulnerability in cpp-ethereum’s JSON‑RPC miner_stop API where improper authorization could allow a remote attacker to trigger functionality reserved for admins. The weakness stems from missing privilege checks in miner_stop (no RPC_ADMIN guard), with attacker-controlled...
CPP-Ethereum JSON-RPC miner_stop improper authorization Vulnerability(CVE-2017-12118)
Summary An exploitable improper authorization vulnerability exists in minerstop API of cpp-ethereum's JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigge...