CNNVD-202512-5501 Information
CNNVD ID
CNNVD-202512-5501
Related CVE
- CNNVD Published: 2025-12-31
Description (Chinese)
Cowrie是Cowrie开源的一个蜜罐软件。 Cowrie 2.9.0之前版本存在安全漏洞,该漏洞源于模拟shell实现中存在服务端请求伪造,可能导致拒绝服务放大攻击。
Description (English)
Cowrie is a honey can software from Cowrie’s open source. A security loophole existed in the pre-Cowrie 2.9.0 version, which stemmed from the presence of a service-end request in the implementation of the simulation shell, which could lead to the denial of services to scale up attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Cowrie
Published
2025-12-31
Last Modified
2026-02-24
References
https://github.com/advisories/GHSA-83jg-m2pm-4jxj https://github.com/cowrie/cowrie/issues/2622 https://github.com/cowrie/cowrie/pull/2800 https://github.com/cowrie/cowrie/releases/tag/v2.9.0 https://www.vulncheck.com/advisories/cowrie-unrestricted-wget-curl-emulation-enables-ssrf-based-ddos-amplification
Patch
https://docs.cowrie.org/en/latest/INSTALL.html
Share on: