Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Clients removed during unpairing process may regain access if Sunshine was not restarted
Vulnerability Description
Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.10.0 and prior to version 0.23.0, after unpairing all devices in the web UI interface and then pairing only one device, all of the previously devices will be temporarily paired. Version 0.23.0 contains a patch for the issue. As a workaround, restarting Sunshine after unpairing all devices prevents the vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L
Vulnerability Type
会话固定
Vulnerability Title
Sunshine 安全漏洞
Vulnerability Description
Sunshine是Moonlight 自托管游戏直播主机。 Sunshine 0.10.0版本至0.23.0之前版本存在安全漏洞,该漏洞源于在Web UI界面中取消所有设备的配对后,然后仅配对一台设备后,之前的所有设备都会暂时配对。
CVSS Information
N/A
Vulnerability Type
N/A