Claymore · Nanopool Claymore Dual Miner · CVE-2018-1000049
Name of the Vulnerable Software and Affected Versions:
Nanopool Claymore Dual Miner versions prior to 7.3
Description:
The issue allows for remote code execution by exploiting the miner API. This can only be done if the software is run with read/write mode enabled.
Recommendations:
For versions prior to 7.3, consider disabling read/write mode to prevent exploitation until a fix is available. As a temporary workaround, restrict access to the miner API to minimize the risk of exploitation.