Search criteria
2 vulnerabilities found for Node by Dogecoin
CVE-2023-30769 (GCVE-0-2023-30769)
Vulnerability from cvelistv5 – Published: 2023-04-17 00:00 – Updated: 2025-03-03 19:29
VLAI?
Summary
Vulnerability discovered is related to the peer-to-peer (p2p) communications, attackers can craft consensus messages, send it to individual nodes and take them offline. An attacker can crawl the network peers using getaddr message and attack the unpatched nodes.
Severity ?
9.1 (Critical)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Credits
Hossam Mohamed (safe_buffer)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:15.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.halborn.com/blog/post/halborn-discovers-zero-day-impacting-dogecoin-and-280-networks"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.halborn.com/disclosures"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-03T19:29:21.986382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-03T19:29:40.739Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Node",
"vendor": "Dogecoin",
"versions": [
{
"lessThan": "1.14.6",
"status": "affected",
"version": "Release",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Hossam Mohamed (safe_buffer)"
}
],
"datePublic": "2023-03-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability discovered is related to the peer-to-peer (p2p) communications, attackers can craft consensus messages, send it to individual nodes and take them offline. An attacker can crawl the network peers using getaddr message and attack the unpatched nodes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T00:00:00.000Z",
"orgId": "79d7e77b-4bd9-4e64-ae2c-02965b1d2b73",
"shortName": "Halborn"
},
"references": [
{
"url": "https://www.halborn.com/blog/post/halborn-discovers-zero-day-impacting-dogecoin-and-280-networks"
},
{
"url": "https://www.halborn.com/disclosures"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to Node release version 1.14.6."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rab13s Exploit",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "79d7e77b-4bd9-4e64-ae2c-02965b1d2b73",
"assignerShortName": "Halborn",
"cveId": "CVE-2023-30769",
"datePublished": "2023-04-17T00:00:00.000Z",
"dateReserved": "2023-04-14T00:00:00.000Z",
"dateUpdated": "2025-03-03T19:29:40.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30769 (GCVE-0-2023-30769)
Vulnerability from nvd – Published: 2023-04-17 00:00 – Updated: 2025-03-03 19:29
VLAI?
Summary
Vulnerability discovered is related to the peer-to-peer (p2p) communications, attackers can craft consensus messages, send it to individual nodes and take them offline. An attacker can crawl the network peers using getaddr message and attack the unpatched nodes.
Severity ?
9.1 (Critical)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Credits
Hossam Mohamed (safe_buffer)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:37:15.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.halborn.com/blog/post/halborn-discovers-zero-day-impacting-dogecoin-and-280-networks"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.halborn.com/disclosures"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-03T19:29:21.986382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-03T19:29:40.739Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Node",
"vendor": "Dogecoin",
"versions": [
{
"lessThan": "1.14.6",
"status": "affected",
"version": "Release",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Hossam Mohamed (safe_buffer)"
}
],
"datePublic": "2023-03-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability discovered is related to the peer-to-peer (p2p) communications, attackers can craft consensus messages, send it to individual nodes and take them offline. An attacker can crawl the network peers using getaddr message and attack the unpatched nodes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T00:00:00.000Z",
"orgId": "79d7e77b-4bd9-4e64-ae2c-02965b1d2b73",
"shortName": "Halborn"
},
"references": [
{
"url": "https://www.halborn.com/blog/post/halborn-discovers-zero-day-impacting-dogecoin-and-280-networks"
},
{
"url": "https://www.halborn.com/disclosures"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to Node release version 1.14.6."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Rab13s Exploit",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "79d7e77b-4bd9-4e64-ae2c-02965b1d2b73",
"assignerShortName": "Halborn",
"cveId": "CVE-2023-30769",
"datePublished": "2023-04-17T00:00:00.000Z",
"dateReserved": "2023-04-14T00:00:00.000Z",
"dateUpdated": "2025-03-03T19:29:40.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}