8.7
CVE-2026-49232
- EPSS 0.33%
- Veröffentlicht 08.06.2026 12:58:37
- Zuletzt bearbeitet 09.06.2026 15:20:23
- Quelle sep@nlnetlabs.nl
- CVE-Watchlists
- Unerledigt
Routinator exits when accepting an incoming HTTP or RTR connection fails
Routinator exits on any error when accepting incoming HTTP or RTR connections, including ones it can recover from such as running out of file descriptors. This condition can be triggered maliciously by an attacker by opening a large number of connections to the HTTP or RTR server. This only affects users that make their HTTP or RTR server available to untrusted networks.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerNLnet Labs
≫
Produkt
Routinator
Default Statusaffected
Version
0.15.2
Version <
*
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.249 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| sep@nlnetlabs.nl | 8.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-755 Improper Handling of Exceptional Conditions
The product does not handle or incorrectly handles an exceptional condition.
https://www.nlnetlabs.nl/downloads/routinator/CVE-2026-49232.txt