CVE-2021-47155

CRITICAL

Net::IPV4Addr 0.10 - Info Disclosure

Title source: llm
STIX 2.1

Description

The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

Scores

CVSS v3 9.1
EPSS 0.0051
EPSS Percentile 39.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-284
Status published
Published Mar 18, 2024
Tracked Since Feb 18, 2026