Firewall Bypass

2024-03-2707:52:59

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

firewall bypass

github

chirpstack-gateway-bridge

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

github.com/chirpstack/chirpstack-gateway-bridge/ is vulnerable to Firewall Bypass. The vulnerability is due to the firewall accepting specific TCP packets outside the ESTABLISHED connection state.

CPENameOperatorVersion
github.com/chirpstack/chirpstack-gateway-bridgelev4.0.10
github.com/chirpstack/chirpstack-gateway-bridgelev4.0.10

CPE	Name	Operator	Version
	github.com/chirpstack/chirpstack-gateway-bridge	le	v4.0.10
	github.com/chirpstack/chirpstack-gateway-bridge	le	v4.0.10

References

github.com/chirpstack/chirpstack-gateway-bridge/commit/0c1e80c9fa9f5d093ff62903caedad86ec4640b6

github.com/chirpstack/chirpstack-mqtt-forwarder/commit/4fa9e6eaaec8c3ca49ebfbf6317572671f17700f