CVE-2023-46848

Summary

CVE-2023-46848 is a newly discovered vulnerability affecting the Squid proxy server. This issue permits a remote Denial of Service (DoS) attack, allowing malicious actors to cause service disruption by sending HTTP Request messages with embedded ftp:// URLs or constructing such URLs from FTP Native input. The attack does not require authentication, making it a significant threat to organizations running Squid. The vulnerability can lead to excessive resource consumption, resulting in server unavailability. System administrators are urged to apply the available patch or upgrade as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.