10 matches found
Exploit for CVE-2024-51348
CVE-2024-51348: Unauthenticated Remote Code Execution in BS Pe...
DragonFly vulnerable to arbitrary file read and write on a peer machine
Impact A peer exposes the gRPC API and HTTP API for consumption by other peers. These APIs allow peers to send requests that force the recipient peer to create files in arbitrary file system locations, and to read arbitrary files. This allows peers to steal other peers’ secret data and to gain...
CVE-2022-41925
A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...
CVE-2022-41925
A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...
Design/Logic Flaw
A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...
CVE-2022-41925 Tailscale daemon is vulnerable to information disclosure via CSRF
A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...
Tailscale 跨站请求伪造漏洞
Tailscale is an open source WireGuard based application from Tailscale. Can provide a secure private network for any size team . Tailscale v1.32.3 before the version of the cross-site request forgery vulnerability , the vulnerability stems from allowing malicious websites to access the peer-to-pe...
CVE-2022-41925 Tailscale daemon is vulnerable to information disclosure via CSRF
A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the peer API was vulnerable to DNS rebinding. This allowed an attacker-controlled website visited by the...
GHSA-QCCM-WMCQ-PWR6 Tailscale daemon is vulnerable to information disclosure via CSRF
A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. Affected platforms: All Patched Tailscale client versions: v1.32.3 or later, v1.33.257 or later unstable What happened? In the...
Tailscale daemon is vulnerable to information disclosure via CSRF
A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. Affected platforms: All Patched Tailscale client versions: v1.32.3 or later, v1.33.257 or later unstable What happened? In the...