Unrestricted Server Restart Vulnerability
A vulnerability in version 20240410 allows any user to restart the server at will by sending a specific request to the `/queue/join?` endpoint. This issue was patched in a subsequent release.
Available publicly on Jul 10 2024
Remediation Steps
- Update to the latest patched version of the software.
- Implement access controls to restrict who can send requests to the `/queue/join?` endpoint.
- Add rate limiting to prevent abuse of the endpoint.
- Monitor server logs for unusual activity and repeated restart attempts.
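For the log-monitoring step, a small detector that flags clients sending bursts of requests to `/queue/join`. This is an added example, not code from the advisory or the affected project; the access-log format, the threshold values and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: the server writes common/combined access-log lines.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[A-Z]+ (?P<path>\S+)[^"]*" \d{3}'
)
ENDPOINT = "/queue/join"          # endpoint named in the advisory
WINDOW = timedelta(seconds=60)    # hypothetical threshold: tune to normal usage
MAX_HITS = 3                      # hypothetical threshold: tune to normal usage


def flag_bursts(lines, window=WINDOW, max_hits=MAX_HITS):
    """Return {client_ip: peak_count} for clients that sent more than
    max_hits requests to ENDPOINT inside any sliding window."""
    recent = defaultdict(deque)   # per-client timestamps still inside the window
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # skip lines that are not access-log entries
        if m["path"].split("?", 1)[0] != ENDPOINT:
            continue              # compare the path without its query string
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()           # drop requests older than the window
        if len(q) > max_hits:
            flagged[m["ip"]] = max(flagged.get(m["ip"], 0), len(q))
    return flagged


# Constructed sample log lines (documentation-range IP addresses).
_FMT = '{ip} - - [10/Jul/2024:12:{t} +0000] "{req} HTTP/1.1" 200 128'
SAMPLE = [
    _FMT.format(ip="198.51.100.7", t="00:01", req="POST /queue/join?"),
    _FMT.format(ip="198.51.100.7", t="00:05", req="POST /queue/join?"),
    _FMT.format(ip="203.0.113.20", t="00:07", req="POST /queue/join?"),
    _FMT.format(ip="198.51.100.7", t="00:09", req="POST /queue/join?"),
    _FMT.format(ip="198.51.100.7", t="00:14", req="POST /queue/join?"),
    _FMT.format(ip="198.51.100.7", t="00:20", req="POST /queue/join?"),
    _FMT.format(ip="203.0.113.20", t="03:00", req="GET /index.html"),
]

if __name__ == "__main__":
    for ip, peak in flag_bursts(SAMPLE).items():
        print(f"{ip}: {peak} requests to {ENDPOINT} within {WINDOW}")
```

Correlating the flagged clients with the server's own restart or startup log entries shows whether the bursts coincided with restarts.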
Patch Details
- Fixed Version: N/A
- Patch Commit: N/A