![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2023-27997 – Fortinet FortiGate and FortiOS Vulnerability
June 12, 2023![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – StormKitty Stealer: A Threatening Information-Stealing Malware – Active IOCs
June 12, 2023![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2023-27997 – Fortinet FortiGate and FortiOS Vulnerability
June 12, 2023![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – StormKitty Stealer: A Threatening Information-Stealing Malware – Active IOCs
June 12, 2023Severity
High
Analysis Summary
CVE-2023-26132
Node.js dottie module is vulnerable to a denial of service, caused by a prototype pollution flaw in the set() function in /dottie.js. By adding or modifying properties of Object.prototype using a proto or constructor payload, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-26132
Affected Vendors
Node.js
Affected Products
- Node.js dottie 2.0.3
Remediation
Upgrade to the latest version of dottie, available from the dottie.js GIT Repository.