CVE-2017-18353

Name of the Vulnerable Software and Affected Versions: Rendertron version 1.0.0

Description: The issue allows any unauthorized remote attacker to disable the core service of the application by visiting the " ah/stop" API endpoint with a GET request. This endpoint is used to shutdown the Chrome instance responsible for serving render requests to all users.

Recommendations: For Rendertron version 1.0.0, consider restricting access to the " ah/stop" API endpoint to prevent unauthorized shutdown of the core service. As a temporary workaround, consider disabling the " ah/stop" route until a patch is available.