Back to search
CVE-2018-11615
Published: Aug 30, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of topics. A crafted regular expression can cause the broker to crash. An attacker can leverage this vulnerability to deny access to the target system. Was ZDI-CAN-6306.
| Vendor | Product | Versions |
|---|---|---|
npm | npm mosca | affected 2.8.1 |
Weaknesses (CWE)
References
https://zerodayinitiative.com/advisories/ZDI-18-583
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now