CVE-2024-45163

The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Unauthenticated sessions remain open, causing resource consumption. For example, an attacker can send a recognized username (such as root), or can send arbitrary data.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cypressthatkid.medium.com/remote-dos-exploit-found-in-mirai-botnet-source-code-27a1aad284f1
https://pastebin.com/6tqHnCva
https://youtu.be/aJkvSr85ML8

Configurations

No configuration.

History

No history.

Information

Published : 2024-08-22 04:15

Updated : 2024-08-22 15:35

NVD link : CVE-2024-45163

Mitre link : CVE-2024-45163

CVE.ORG link : CVE-2024-45163

JSON object : View

Products Affected

No product.

CWE

CWE-400

Uncontrolled Resource Consumption

9.1 /10