CVE-2025-34469

Опубликовано: 31 дек. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Cowrie versions prior to 2.9.0 contain a server-side request forgery (SSRF) vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no outbound request rate limiting was enforced, unauthenticated remote attackers could repeatedly invoke these commands to generate unbounded HTTP traffic toward arbitrary third-party targets, allowing the Cowrie honeypot to be abused as a denial-of-service amplification node and masking the attacker’s true source address behind the honeypot’s IP.

Ссылки

https://github.com/advisories/GHSA-83jg-m2pm-4jxj
Exploit
Third Party Advisory
https://github.com/cowrie/cowrie/issues/2622
Exploit
Issue Tracking
https://github.com/cowrie/cowrie/pull/2800
Exploit
Issue Tracking
Patch
https://github.com/cowrie/cowrie/releases/tag/v2.9.0
Release Notes
https://www.vulncheck.com/advisories/cowrie-unrestricted-wget-curl-emulation-enables-ssrf-based-ddos-amplification
Third Party Advisory
https://github.com/advisories/GHSA-83jg-m2pm-4jxj
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cowrie:cowrie:*:*:*:*:*:*:*:*

Версия до 2.9.0 (исключая)

EPSS

Процентиль: 59%

0.00387

Низкий

7.5 High

CVSS3

Дефекты

CWE-918

Связанные уязвимости

GHSA-83jg-m2pm-4jxj

CVSS3: 8.3

github

около 2 месяцев назад

Cowrie has a SSRF vulnerability in wget/curl emulation enabling DDoS amplification