Allocation of Resources Without Limits or Throttling in froxlor/froxlor
CVE-2023-2666

7.5HIGH

Key Information:

Vendor: Froxlor
Status: Froxlor/froxlor
Vendor: CVE Published:; 12 May 2023

What is CVE-2023-2666?

The Froxlor Hosting Control Panel has a vulnerability that enables the allocation of resources without limits or throttling, potentially resulting in excessive resource consumption. This can lead to degraded performance or availability issues within the hosting environment. It is crucial for users to update to version 2.0.16 or newer to mitigate the risk associated with this vulnerability.

Affected Version(s)

froxlor/froxlor < 2.0.16

References

https://huntr.dev/bounties/0bbdc9d4-d9dc-4490-93ef-0a83b4...

https://github.com/froxlor/froxlor/commit/1679675aa1c29d2...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2023
Vulnerability Reserved
May 12, 2023

CVE-2023-2666 Data

JSON