Lucene search
K
EthereumCpp-ethereum

7 matches found

CVE
CVE
added 2018/01/19 11:0 p.m.75 views

CVE-2017-12119

CVE-2017-12119 is a denial-of-service vulnerability in CPP-Ethereum JSON-RPC. A malformed JSON request can trigger an unhandled exception in the JSON-RPC server (via JSON-Cpp value handling and isInt checks), crashing the client. Public documentation lists multiple vulnerable JSON-RPC APIs (e.g.,...

7.5CVSS7.4AI score0.02086EPSS
Web
CVE
CVE
added 2018/01/19 11:0 p.m.71 views

CVE-2017-12113

The CVE-2017-12113 issue affects cpp-ethereum’s JSON-RPC admin_nodeInfo API. A missing authorization check (improper authorization) allows a remote attacker to trigger restricted functionality without credentials. Descriptions from Talos and related advisories confirm the vulnerability in Ethereu...

8.1CVSS7.9AI score0.01485EPSS
Web
CVE
CVE
added 2018/01/19 10:0 p.m.70 views

CVE-2017-12112

The CVE-2017-12112 entry corresponds to an authorization bypass in cpp-ethereum’s JSON-RPC admin_addPeer API. Talos reports an improper authorization check in AdminNet::admin_addPeer that allows a remote attacker to trigger restricted functionality without credentials, with the call binding to 0....

8.1CVSS7.9AI score0.01443EPSS
Web
CVE
CVE
added 2018/01/19 10:0 p.m.65 views

CVE-2017-12115

CVE-2017-12115 affects cpp-ethereum’s JSON-RPC endpoint miner_setEtherbase. The root cause is improper authorization: the function does not perform a user privilege check, allowing the execution of restricted functionality via a JSON request. The vulnerability is demonstrated by the existence of ...

8.1CVSS7.9AI score0.01591EPSS
CVE
CVE
added 2018/01/19 10:0 p.m.63 views

CVE-2017-12117

CVE-2017-12117 affects cpp-ethereum’s JSON-RPC miner_start API. The root cause is improper authorization checks in the miner_start implementation, allowing a remote attacker to trigger restricted functionality without credentials. Affected component is the JSON-RPC server inside cpp-ethereum (com...

8.1CVSS7.9AI score0.01361EPSS
Web
CVE
CVE
added 2018/01/19 11:0 p.m.57 views

CVE-2017-12118

CVE-2017-12118 refers to a vulnerability in cpp-ethereum’s JSON‑RPC miner_stop API where improper authorization could allow a remote attacker to trigger functionality reserved for admins. The weakness stems from missing privilege checks in miner_stop (no RPC_ADMIN guard), with attacker-controlled...

8.1CVSS7.9AI score0.01599EPSS
Web
CVE
CVE
added 2018/01/19 10:0 p.m.56 views

CVE-2017-12114

The CVE-2017-12114 entry affects cpp-ethereum’s JSON-RPC admin_peers API. Technical details from connected sources show an improper authorization flaw where admin_peers allows access to restricted functionality without credentials. The root cause is missing privilege checks in AdminNet::admin_pee...

6.8CVSS6.5AI score0.01399EPSS