Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Invalid RPKI data could disable Route Origin Validation on RTR clients.
Vulnerability Description
NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA. This will lead to RTR clients such as routers to reject the RPKI data set, effectively disabling Route Origin Validation.
CVSS Information
N/A
Vulnerability Type
CWE-1288
Vulnerability Title
NLnet Labs Routinator 输入验证错误漏洞
Vulnerability Description
NLnet Labs Routinator是荷兰Stichting NLnet(Stichting Nlnet)实验室的一款使用Rust语言编写的RPKI(资源公钥基础设施)验证器。 NLnet Labs Routinator 0.10.0 之前存在安全漏洞,该漏洞源于如果 RPKI CA 在 ROA 的 max-length 参数中使用过大的值会产生无效的 RTR 负载。这将导致 RTR 客户端(例如路由器)拒绝 RPKI 数据集,从而有效禁用路由源验证。
CVSS Information
N/A
Vulnerability Type
N/A