2 matches found
kube-router: GoBGP gRPC Admin Port Exposed on Node Primary IP Without Authentication, Allowing Cluster-Wide BGP Route Injection
Summary When the kube-router routing controller starts --run-router, it binds the GoBGP gRPC management server to the node's primary IP e.g., 192.168.1.10:50051 in addition to 127.0.0.1:50051. The default admin port is 50051 and the server is enabled by default with no TLS and no authentication...
CVE-2024-35199 TorchServe gRPC Port Exposure
TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. In affected versions the two gRPC ports 7070 and 7071, are not bound to localhost by default, so when TorchServe is launched, these two interfaces are bound to all interfaces. Customers using PyTor...