Описание
TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcp_forwarder.rs, SSRF protection for allow_private_network_connections = false was only applied in the TcpDestination::HostName(peer) path. The TcpDestination::Address(peer) => peer path proceeded to TcpStream::connect() without equivalent checks (for example is_global_ip, is_loopback), allowing loopback/private targets to be reached by supplying a numeric IP. The vulnerability is fixed in version 0.9.114.
EPSS
Процентиль: 8%
0.00028
Низкий
7.1 High
CVSS3
Дефекты
CWE-918
EPSS
Процентиль: 8%
0.00028
Низкий
7.1 High
CVSS3
Дефекты
CWE-918