You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Users who exposed the Sunshine configuration web ui outside of localhost may be affected, depending on firewall configuration.
To exploit vulnerability, attacker could make http/s request to the node_modules endpoint if user exposed Sunshine config web server to internet or attacker is on the LAN.
kjsman Finder
Impact
Users who exposed the Sunshine configuration web ui outside of localhost may be affected, depending on firewall configuration.
To exploit vulnerability, attacker could make http/s request to the
node_modulesendpoint if user exposed Sunshine config web server to internet or attacker is on the LAN.Patches
Fixed in v0.18.0
Workarounds
Block access to Sunshine via firewall.
References
https://github.com/LizardByte/Sunshine/releases/tag/v0.18.0