Vulnerability Details CVE-2025-34469
Cowrie versions prior to 2.9.0 contain a server-side request forgery (SSRF) vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no outbound request rate limiting was enforced, unauthenticated remote attackers could repeatedly invoke these commands to generate unbounded HTTP traffic toward arbitrary third-party targets, allowing the Cowrie honeypot to be abused as a denial-of-service amplification node and masking the attacker’s true source address behind the honeypot’s IP.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.8%
CVSS Severity
CVSS v3 Score 7.5
References
- https://github.com/advisories/GHSA-83jg-m2pm-4jxj
- https://github.com/cowrie/cowrie/issues/2622
- https://github.com/cowrie/cowrie/pull/2800
- https://github.com/cowrie/cowrie/releases/tag/v2.9.0
- https://www.vulncheck.com/advisories/cowrie-unrestricted-wget-curl-emulation-enables-ssrf-based-ddos-amplification
- https://github.com/advisories/GHSA-83jg-m2pm-4jxj
Products affected by CVE-2025-34469
-
cpe:2.3:a:cowrie:cowrie:1.0.0
-
cpe:2.3:a:cowrie:cowrie:1.1.0
-
cpe:2.3:a:cowrie:cowrie:1.2.0
-
cpe:2.3:a:cowrie:cowrie:1.3.0
-
cpe:2.3:a:cowrie:cowrie:1.4.0
-
cpe:2.3:a:cowrie:cowrie:1.4.1
-
cpe:2.3:a:cowrie:cowrie:1.5.1
-
cpe:2.3:a:cowrie:cowrie:1.5.2
-
cpe:2.3:a:cowrie:cowrie:1.5.3
-
cpe:2.3:a:cowrie:cowrie:1.6.0
-
cpe:2.3:a:cowrie:cowrie:1.9.7
-
cpe:2.3:a:cowrie:cowrie:2.0.0
-
cpe:2.3:a:cowrie:cowrie:2.0.1
-
cpe:2.3:a:cowrie:cowrie:2.0.2
-
cpe:2.3:a:cowrie:cowrie:2.1.0
-
cpe:2.3:a:cowrie:cowrie:2.2.0
-
cpe:2.3:a:cowrie:cowrie:2.3.0
-
cpe:2.3:a:cowrie:cowrie:2.4.0
-
cpe:2.3:a:cowrie:cowrie:2.5.0
-
cpe:2.3:a:cowrie:cowrie:2.6.1
-
cpe:2.3:a:cowrie:cowrie:2.7.0
-
cpe:2.3:a:cowrie:cowrie:2.8.0
-
cpe:2.3:a:cowrie:cowrie:2.8.1