VDB
CNVD-2024-05635
CNVD-2024-05635
PUBLISHED
CVSS 7.800000190734863 HIGH
Wireshark(前称Ethereal)是导线鲨鱼(Wireshark)团队的一套网络数据包分析软件。该软件的功能是截取网络数据包,并显示出详细的数据以供分析。 Wireshark存在安全漏洞,该漏洞源于Zigbee TLV解析器崩溃,允许通过数据包注入或精心设计的捕获文件拒绝服务。目前没有详细的漏洞细节提供。
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wireshark Foundation | Wireshark | 4.2.0 |
Exploit Intelligence
- CIRCL seen: CVE-2024-0210 (circl-sighting)
- CIRCL seen: CVE-2024-0210 (circl-sighting)
- CIRCL seen: CVE-2024-0210 (circl-sighting)
- CIRCL seen: CVE-2024-0210 (circl-sighting)
- https://www.wireshark.org/security/wnpa-sec-2024-04.html (circl)
- GitLab Issue #19504 (circl)
- security_advisories.yml (github-poc)
- security_advisories.yml (github-poc)
Timeline
- Jan 3, 2024 CVE Published
- Jan 3, 2024 PoC Published
- Jan 4, 2024 PoC Published
- Jan 9, 2024 CVE ID Reserved
- Jan 10, 2024 PoC Published
- Jan 23, 2024 PoC Published