Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

ip

Source -

ADPNVD

CNA CVEs -

0

ADP CVEs -

1

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
4Vulnerabilities found
CVE-2024-29415
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-2.84% / 85.70%
||
7 Day CHG~0.00%
Published-27 May, 2024 | 20:04
Updated-13 Feb, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.

Action-Not Available
Vendor-n/afedorindutny
Product-n/aip
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CWE ID-CWE-941
Incorrectly Specified Destination in a Communication Channel
CVE-2023-42282
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 59.75%
||
7 Day CHG~0.00%
Published-08 Feb, 2024 | 00:00
Updated-15 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.

Action-Not Available
Vendor-fedorindutnyn/a
Product-ipn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2013-6034
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-0.30% / 52.87%
||
7 Day CHG~0.00%
Published-04 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals has hardcoded credentials, which makes it easier for attackers to obtain unspecified login access via unknown vectors.

Action-Not Available
Vendor-hughes_network_systemsjapan_radioinmarsatgatehouseharristhuraya_telecommunicationsn/a
Product-94509201jue-250bgan9502inmarsatjue-500ipgatehousen/a
CVE-2013-6035
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-1.71% / 81.59%
||
7 Day CHG~0.00%
Published-04 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The firmware on GateHouse; Harris BGAN RF-7800B-VU204 and BGAN RF-7800B-DU204; Hughes Network Systems 9201, 9450, and 9502; Inmarsat; Japan Radio JUE-250 and JUE-500; and Thuraya IP satellite terminals does not require authentication for sessions on TCP port 1827, which allows remote attackers to execute arbitrary code via unspecified protocol operations.

Action-Not Available
Vendor-hughes_network_systemsjapan_radioinmarsatgatehouseharristhuraya_telecommunicationsn/a
Product-94509201jue-250bgan9502inmarsatjue-500ipgatehousen/a
CWE ID-CWE-287
Improper Authentication