PT-2025-54458 · Cowrie · Cowrie

Published 2025-12-20 · Updated 2026-01-02 · CVE-2025-34469

CVSS v3.1: 8.3 High

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions

Cowrie versions prior to 2.9.0

Description

Cowrie versions before 2.9.0 have a server-side request forgery (SSRF) issue in the emulated shell implementations of wget and curl. In the default configuration, these commands make real outbound HTTP requests to destinations specified by an attacker. Because outbound requests are not rate limited, unauthenticated remote attackers can execute these commands repeatedly and generate a large volume of HTTP traffic towards arbitrary third-party targets. This allows the Cowrie honeypot to be abused as a denial-of-service amplification node and conceals the attacker's original IP address behind the honeypot's IP address.

Recommendations

Update Cowrie to version 2.9.0 or later.
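
To check whether a sensor that ran a version before 2.9.0 was used this way, the sketch below counts emulated wget/curl invocations per destination host per minute. It is an added example, not Cowrie's code and not part of the advisory; it assumes Cowrie's JSON log with `cowrie.command.input` events carrying `input` and `timestamp` fields, and the function names and threshold are hypothetical.

```python
import json
import re
import shlex
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample in the assumed shape of Cowrie's JSON log; not real sensor data.
SAMPLE_LOG = "\n".join([
    '{"eventid":"cowrie.command.input","input":"wget http://victim.example/a","timestamp":"2025-12-01T10:00:01Z"}',
    '{"eventid":"cowrie.command.input","input":"curl -s https://victim.example/b; wget -q http://victim.example/c","timestamp":"2025-12-01T10:00:05Z"}',
    '{"eventid":"cowrie.command.input","input":"uname -a","timestamp":"2025-12-01T10:00:07Z"}',
    '{"eventid":"cowrie.command.input","input":"wget http://other.example/x.sh","timestamp":"2025-12-01T10:00:09Z"}',
    '{"eventid":"cowrie.command.input","input":"/usr/bin/curl http://victim.example/d","timestamp":"2025-12-01T10:00:40Z"}',
    '{"eventid":"cowrie.login.success","username":"root","timestamp":"2025-12-01T10:00:41Z"}',
    'truncated line {',
    '{"eventid":"cowrie.command.input","input":"wget http://victim.example/e","timestamp":"2025-12-01T10:01:02Z"}',
])

FETCHERS = {"wget", "curl"}

def fetch_targets(command_line):
    """Hosts that wget/curl invocations in one shell input line point at.
    Only arguments with an explicit http(s):// scheme are counted."""
    hosts = []
    for part in re.split(r"[;&|]+", command_line):
        try:
            tokens = shlex.split(part)
        except ValueError:  # unbalanced quotes: fall back to a plain split
            tokens = part.split()
        if not tokens or tokens[0].rsplit("/", 1)[-1] not in FETCHERS:
            continue
        for tok in tokens[1:]:
            if tok.lower().startswith(("http://", "https://")):
                host = urlsplit(tok).hostname
                if host:
                    hosts.append(host)
    return hosts

def amplification_suspects(log_text, per_minute_threshold=3):
    """Map (destination host, minute) -> request count, for counts at or above the threshold."""
    counts = Counter()
    for line in log_text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip damaged lines instead of aborting the scan
        if not isinstance(event, dict) or event.get("eventid") != "cowrie.command.input":
            continue
        minute = str(event.get("timestamp", ""))[:16]  # e.g. 2025-12-01T10:00
        for host in fetch_targets(str(event.get("input", ""))):
            counts[(host, minute)] += 1
    return {key: n for key, n in counts.items() if n >= per_minute_threshold}

if __name__ == "__main__":
    print(amplification_suspects(SAMPLE_LOG))
```

Counting by destination rather than by source address matters here, because the same third-party host can be targeted from many attacker sessions at once.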

Exploit

Fix

DoS

SSRF

Weakness Enumeration

Related Identifiers

CVE-2025-34469
GHSA-83JG-M2PM-4JXJ

Affected Products

Cowrie