Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.7 views

SUSE CVE-2026-48860

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

7.5CVSS5.4AI score0.00194EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

FreeBSD : Erlang/OTP -- TLS distribution check_ip flag does not enforce same-LAN constraint (d87e5fb4-64d4-11f1-ab11-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87e5fb4-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-gp7x-mfv6-52cv reports: Erlang distribution over...

7.5CVSS5.3AI score0.00194EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 2:35 p.m.6 views

CVE-2026-48860 Distribution-over-TLS LAN allowlist silently bypassed due to sockname/peername confusion in inet_tls_dist

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

7.5CVSS5.5AI score0.00194EPSS
Exploits0References5
OSV
OSV
added 2026/06/10 2:35 p.m.6 views

EEF-CVE-2026-48860 Distribution-over-TLS LAN allowlist silently bypassed due to sockname/peername confusion in inet_tls_dist

Summary Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inet\tls\dist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inet\tls\dist:check\ip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls...

7.5CVSS5.5AI score0.00194EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/10 2:35 p.m.11 views

EUVD-2026-36057

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

7.5CVSS5.5AI score0.00194EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.388 views

Apache CouchDB 3.2.1 - Remote Code Execution (RCE)

Exploit Title: Apache CouchDB 3.2.1 - Remote Code Execution RCE Date: 2022-01-21 Exploit Author: Konstantin Burov, @sadshade Software Link: https://couchdb.apache.org/ Version: 3.2.1 and below Tested on: Kali 2021.2 Based on 1F98D's Erlang Cookie - Remote Code Execution Shodan: port:4369 "name...

10CVSS9.6AI score0.92335EPSS
Exploits8
0day.today
0day.today
added 2018/12/20 12:0 a.m.30 views

Erlang Port Mapper Daemon Cookie Remote Code Execution Exploit

The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie, remote code execution is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location. This module requires Metasploit:...

0.7AI score
Exploits0
Rows per page
Query Builder