Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:38181
HistoryNov 23, 2022 - 6:29 a.m.

Remote Code Execution

2022-11-2306:29:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
tailscale
remote code execution
vulnerability
host header verification
attacker-controlled coordination server
malicious url responses
executables
smb share.

EPSS

0.003

Percentile

69.6%

JSON

tailscale is vulnerable to remote code execution. The library does not have host header verification, which allows an attacker-controlled coordination server to send malicious URL responses to the client, including pushing executables or installing an SMB share.

Related

cvelist 1
github 1
cve 1
prion 1
osv 2
nvd 1
wallarmlab 1
cvelist
cvelist
CVE-2022-41924 Tailscale Windows daemon is vulnerable to RCE via CSRF
2022-11-23 00:00:00
github
github
Tailscale Windows daemon is vulnerable to RCE via CSRF
2022-11-21 22:34:00
cve
cve
CVE-2022-41924
2022-11-23 19:15:12
prion
prion
Design/Logic Flaw
2022-11-23 19:15:00
osv
osv
Tailscale Windows daemon is vulnerable to RCE via CSRF
2022-11-21 22:34:00
Tailscale Windows daemon is vulnerable to RCE via CSRF in tailscale.com
2024-08-21 16:03:26
nvd
nvd
CVE-2022-41924
2022-11-23 19:15:12
wallarmlab
wallarmlab
Can ChatGPT be used to attack your APIs? | API Security Newsletter
2022-12-09 19:38:00

EPSS

0.003

Percentile

69.6%

JSON
Related for VERACODE:38181
cvelist1github1cve1prion1osv2nvd1wallarmlab1