216.73.216.128

CVE-2024-51738

· Published 20/01/2025 16:15 · Modified 20/01/2025 16:15

Labels: CVE-2024-51738 2025-01-20CVE-2024-51738CWE-305[email protected]

Essential information

Published
20/01/2025 16:15
Modified
20/01/2025 16:15
Author
Creator
CISA KEV
No
CWE

Description

Sunshine is a self-hosted game stream host for Moonlight. In 0.23.1 and earlier, Sunshine's pairing protocol implementation does not validate request order and is thereby vulnerable to a MITM attack, potentially allowing an unauthenticated attacker to pair a client by hijacking a legitimate pairing attempt. This bug may also be used by a remote attacker to crash Sunshine. This vulnerability is fixed in 2025.118.151840.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References