PT-2018-10655 · Block.One · Eos.Io Dawn

Published

2018-05-29

Updated

2018-07-20

CVE-2018-11548

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions EOS.IO DAWN version 4.2

Description An issue was discovered in EOS.IO DAWN where the net plugin does not limit the number of P2P connections from the same source IP address, potentially leading to issues.

Recommendations For EOS.IO DAWN version 4.2, consider implementing a limit on the number of P2P connections from the same source IP address to prevent potential issues. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-11548

Affected Products

Eos.Io Dawn

PT-2018-10655 · Block.One · Eos.Io Dawn

CVE-2018-11548

Weakness Enumeration

Related Identifiers

Affected Products

References · 3