Vulnerability Description
Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input sent directly to the IPC socket.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eternal Terminal Project | Eternal Terminal | < 6.2.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2023/02/16/1
- https://github.com/MisterTea/EternalTerminal/releases/tag/et-v6.2.0Third Party Advisory
- https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-8cwExploitThird Party Advisory
- http://www.openwall.com/lists/oss-security/2023/02/16/1
- https://github.com/MisterTea/EternalTerminal/releases/tag/et-v6.2.0Third Party Advisory
- https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-8cwExploitThird Party Advisory
FAQ
What is CVE-2022-24952?
CVE-2022-24952 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input ...
How severe is CVE-2022-24952?
CVE-2022-24952 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-24952?
Check the references section above for vendor advisories and patch information. Affected products include: Eternal Terminal Project Eternal Terminal.