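CWE-605 Multiple Binds to the Same Port: a summary of 3 CVE vulnerabilities in this weakness class, with AI analysis in Chinese.
CWE-605 is a port-binding weakness in which multiple sockets are allowed to bind to the same port. Attackers commonly exploit the SO_REUSEADDR option, binding to a specific address first in order to steal or spoof service traffic, so that the legitimate service is hijacked. Developers should avoid misusing this option, make sure port occupancy is checked correctly before binding, and restrict the bind scope so that unauthorized processes cannot seize the port, thereby protecting the security and integrity of network communication.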
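A listener that follows the recommendations above, as an added example that is not code from this page or from any product listed on it: it binds to one explicit address, leaves SO_REUSEADDR unset, and surfaces EADDRINUSE instead of ignoring the result of bind(). The helper names `bind_exclusive` and `bound_port` are hypothetical, and the behaviour shown is that of POSIX sockets on Linux.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* bind_exclusive() and bound_port() are hypothetical helper names.
 * Bind a TCP listener to one explicit IPv4 address (never INADDR_ANY)
 * without setting SO_REUSEADDR, so a port that is already bound is
 * reported as EADDRINUSE. Port 0 lets the kernel pick a free port.
 * Returns the listening fd, or -1 with errno set. */
int bind_exclusive(const char *ip, unsigned short port)
{
    struct sockaddr_in addr;
    int fd, saved;

    memset(&addr, 0, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_port = htons(port);
    if (inet_pton(AF_INET, ip, &addr.sin_addr) != 1) {
        errno = EINVAL;               /* accept only a literal IPv4 address */
        return -1;
    }
    if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
        return -1;
    if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0 || listen(fd, 16) < 0) {
        saved = errno;                /* close() may overwrite errno */
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;
}

/* Port the socket is bound to, in host byte order; 0 on error. */
unsigned short bound_port(int fd)
{
    struct sockaddr_in addr;
    socklen_t len = sizeof(addr);

    if (getsockname(fd, (struct sockaddr *)&addr, &len) < 0)
        return 0;
    return ntohs(addr.sin_port);
}
```

A caller should treat a -1 return with errno set to EADDRINUSE as a reason to stop and alert, not to retry with address reuse enabled.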
```c
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>

void bind_socket(void) {
    int server_sockfd;
    int server_len;
    struct sockaddr_in server_address;

    /* unlink the socket if already bound to avoid an error when bind() is called */
    unlink("server_socket");
    server_sockfd = socket(AF_INET, SOCK_STREAM, 0);

    server_address.sin_family = AF_INET;
    server_address.sin_port = htons(21);  /* port in network byte order */
    /* INADDR_ANY binds the port on every local interface */
    server_address.sin_addr.s_addr = htonl(INADDR_ANY);
    server_len = sizeof(struct sockaddr_in);

    bind(server_sockfd, (struct sockaddr *) &server_address, server_len);
}
```

| CVE ID | Title | CVSS | Risk level | Published |
|---|---|---|---|---|
| CVE-2026-25086 | Automated Logic WebCtrl security vulnerability — WebCTRL Premium Server | 7.7 | High | 2026-03-20 |
| CVE-2025-15320 | Tanium Client security vulnerability — Tanium Client | 3.3 | Low | 2026-02-06 |
| CVE-2024-30218 | SAP NetWeaver ABAP Application Server and ABAP Platform resource management error vulnerability — SAP NetWeaver AS ABAP and ABAP Platform | 6.5 | Medium | 2024-04-09 |

CWE-605 (Multiple Binds to the Same Port) is a common weakness class; this platform lists 3 CVE vulnerabilities associated with it.