Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sunshine improperly enforces pairing protocol request order
Vulnerability Description
Sunshine is a self-hosted game stream host for Moonlight. In 0.23.1 and earlier, Sunshine's pairing protocol implementation does not validate request order and is thereby vulnerable to a MITM attack, potentially allowing an unauthenticated attacker to pair a client by hijacking a legitimate pairing attempt. This bug may also be used by a remote attacker to crash Sunshine. This vulnerability is fixed in 2025.118.151840.
CVSS Information
N/A
Vulnerability Type
使用基本弱点进行的认证绕过
Vulnerability Title
Sunshine 安全漏洞
Vulnerability Description
Sunshine是LizardByte开源的一个 Moonlight 的自助游戏流主机。 Sunshine 0.23.1及之前版本存在安全漏洞,该漏洞源于容易受到MITM攻击,未经身份验证的攻击者可能通过劫持合法的配对尝试来配对客户端。
CVSS Information
N/A
Vulnerability Type
N/A