Suschman

**Name of the Vulnerable Software and Affected Versions** ZNC versions prior to 0.092 **Description** A NULL pointer dereference issue occurs due to traffic stats when there are unauthenticated connections. **Recommendations** For versions prior to 0.092, update to version 0.092 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ZNC versions prior to 0.092 **Description** The issue allows remote authenticated users to cause a denial of service by requesting traffic statistics when there is an active unauthenticated connection. This triggers a NULL pointer dereference, which can be demonstrated using a traffic link in the web administration pages or the traffic command in the /znc shell. **Recommendations** For versions prior to 0.092, update to version 0.092 or later to resolve the issue. As a temporary workaround, consider restricting access to traffic statistics when there are active unauthenticated connections to minimize the risk of exploitation.