API calls in the Translation API feature in Systran Pure Neural Server before 9.7.0 allow a threat actor to use the Systran Pure Neural Server as a Denial-of-Service proxy by sending a large amount of translation requests to a destination host on any given TCP port regardless of whether a web service is running on the destination port.
References
Link | Resource |
---|---|
https://grave-rose.medium.com/two-systran-vulnerabilities-and-their-exploits-8bc83ba29e14 | Exploit Third Party Advisory |
https://www.systransoft.com/translation-products/systran-pure-neural-server/ | Product |
Configurations
History
No history.
Information
Published : 2020-12-08 13:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-29540
Mitre link : CVE-2020-29540
CVE.ORG link : CVE-2020-29540
JSON object : View
Products Affected
systransoft
- pure_neural_server
CWE