6.9 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.8%
The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack.
secunia.com/advisories/20396
www.securityfocus.com/archive/1/435491/100/0/threaded
www.securityfocus.com/bid/18193