Browse all 3 CVE security advisories affecting peering-manager. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Peering-manager automates network peering relationships and BGP session management, critical for internet infrastructure. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and access control flaws. The three recorded CVEs highlight risks in API endpoints and web interfaces, which could allow unauthorized network manipulation or system compromise. While no major public incidents are documented, the potential for widespread impact exists given its role in internet connectivity. Security typically requires strict access controls, regular patching, and network segmentation to mitigate risks associated with its web-based management interface and API integrations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-28114 | Remote Code Execution using Server Side Template Injection in Peering Manager — peering-managerCWE-74 | 8.1 | High | 2024-03-12 |
| CVE-2024-28113 | Open redirection using the return_url parameter in Peering Manager — peering-managerCWE-601 | 3.5 | Low | 2024-03-12 |
| CVE-2024-28112 | Cross site scripting on router page in Peering Manager — peering-managerCWE-79 | 6.1 | Medium | 2024-03-12 |
This page lists every published CVE security advisory associated with peering-manager. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.