Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2024-23771

Disclosure Date: January 22, 2024 (last updated January 27, 2024)
darkhttpd before 1.15 uses strcmp (which is not constant time) to verify authentication, which makes it easier for remote attackers to bypass authentication via a timing side channel.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0