Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Incorrectly Specified Chat Message Destinations in tgstation-server and DreamMaker API
Vulnerability Description
tgstation-server is a production scale tool for BYOND server management. The DreamMaker API (DMAPI) chat channel cache can possibly be poisoned by a tgstation-server (TGS) restart and reattach. This can result in sending chat messages to one of any of the configured IRC or Discord channels for the instance on enabled chat bots. This lasts until the instance's chat channels are updated in TGS or DreamDaemon is restarted. TGS chat commands are unaffected, custom or otherwise.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
Vulnerability Type
通信信道中错误指定的目的地
Vulnerability Title
tgstation-server 安全漏洞
Vulnerability Description
tgstation-server是一款用于管理生产BYOND服务器的工具集。 tgstation-server存在安全漏洞,该漏洞源于TGS重新启动和重新连接存在问题。
CVSS Information
N/A
Vulnerability Type
N/A