To be vulnerable, users of Router must have a coprocessor with `` configured in their `router.yaml` and also to support either or Subscriptions. When users send queries to the router that uses the or Subscriptions, the Router will panic. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when a multi-part response is sent. The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. This occurs because another thread can be started before the trap that triggers the cleanup function. The web administration interface in NetModule Router Software (NRSW) 4.6 before 4.6.0.106 and 4.8 before 4.8.0.101 executes an OS command constructed with unsanitized user input: shell metacharacters in the /admin/gnssAutoAlign.php device_id parameter.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |