Improper Input Validation in IpMatcher

GHSA-qj93-37f5-mr29 · CVE-2021-33318

Published May 17, 2022 · Modified Feb 16, 2024

Description

An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-33318
WEB https://github.com/jchristn/IpMatcher/commit/81d77c2f33aa912dbd032b34b9e184fc6e041d89
PACKAGE https://github.com/jchristn/IpMatcher
WEB https://github.com/jchristn/WatsonWebserver
WEB https://github.com/kaoudis/advisories/blob/main/0-2021.md

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes