Mispelled CVE code in the "Launching the attack" section: OWASP/IoTGoat/wiki/Dnsmasq-exercise-setup

Question

Mispelled CVE code in the "Launching the attack" section: OWASP/IoTGoat/wiki/Dnsmasq-exercise-setup

Strafo opened this issue 4 years ago · 1 comments

In the paragraph "Instructions to execute the PoC attack are provided in Google's security research repository. Refer to CVE-2017-14993-instructions.txt and CVE-2017-14993.py for this exercise. For simplicity, download the raw Python script (CVE-2017-14493.py) via wget, and execute it to send the payload targeting IoTGoat's statically configured IPv6 address at port 547 as shown below." the CVE code provided is incorrect.
CVE-2017-14993 is used instead of CVE-2017-14493.

Answer 1 · 2021-06-18T09:13:02.000Z

Updated. Nice catch!