4 matches found
CVE-2024-53275
Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. I...
CVE-2024-53275 GHSL-2024-091: DNS rebinding attack in home-gallery
Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. I...
CVE-2024-53275 GHSL-2024-091: DNS rebinding attack in home-gallery
Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable to DNS rebinding. I...
CVE-2024-53275
Home-Gallery.org (versions 1.15.0 and earlier) is vulnerable to DNS rebinding due to default exposure without TLS or authentication. An attacker can lure a user to a malicious site, then switch DNS to point to the internal Home-Gallery host and read the web server’s responses, potentially exfiltr...