Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
_get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey Network (MHN) through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation database, because the code tries to uppercase a return value even if that value is not a string.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Pwnlandia Modern Honey Network 安全漏洞
Vulnerability Description
Pwnlandia Modern Honey Network是Pwnlandia个人开发者的一个用于管理蜜罐和收集蜜罐数据的Web应用。 Modern Honey Network (MHN) 2020-11-23版本及之前版本存在安全漏洞,该漏洞源于server/mhn/ui/utils.py中的_get_flag_ip_localdb允许攻击者通过本地地理位置数据库中缺少的IP地址导致拒绝服务,因为代码尝试将返回值大写,即使该值不是字符串也是如此。
CVSS Information
N/A
Vulnerability Type
N/A