medium

DHCP abuse for code exec

Published Fri, Jun 25th, 2021

Platforms

Summary

Under certain conditions, an attacker can flood DHCP packets to the victim VM, allowing it to impersonate the Metadata server, and grant themselves SSH access.

Affected Services

N/A

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://github.com/irsl/gcp-dhcp-takeover-code-exec

Contributed by https://github.com/0xdabbad00

Entry Status

Finalized

Disclosure Date

Sat, Sep 26th, 2020

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

Imre Rad

More vulnerabilities...

medium

DHCP abuse for code exec

Under certain conditions, an attacker can flood DHCP packets to the victim VM, allowing it to impersonate the Metadata server, and grant themselves SSH access.

Imre Rad

Fri, Jun 25th, 2021

medium

DHCP abuse for code exec

Under certain conditions, an attacker can flood DHCP packets to the victim VM, allowing it to impersonate the Metadata server, and grant themselves SSH access.

Imre Rad

Fri, Jun 25th, 2021

medium

DHCP abuse for code exec

Under certain conditions, an attacker can flood DHCP packets to the victim VM, allowing it to impersonate the Metadata server, and grant themselves SSH access.

Imre Rad

Fri, Jun 25th, 2021

View all