Vulnerability CVE-2021-33318


Published: 2022-05-16

Description:
An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets.

See advisories in our WLB2 database:
Topic
Author
Date
High
IpMatcher 1.0.4.1 Server-Side Request Forgery
Sick Codes
19.05.2022

 References:
https://github.com/kaoudis/advisories/blob/main/0-2021.md
https://github.com/jchristn/IpMatcher/commit/81d77c2f33aa912dbd032b34b9e184fc6e041d89
https://github.com/jchristn/WatsonWebserver
https://github.com/jchristn/IpMatcher

Copyright 2022, cxsecurity.com

 

Back to Top