{"id":9534,"date":"2025-08-01T18:42:53","date_gmt":"2025-08-01T18:42:53","guid":{"rendered":"http:\/\/localhost\/?p=9534"},"modified":"2025-08-01T18:42:53","modified_gmt":"2025-08-01T18:42:53","slug":"localsend-is-vulnerable-to-man-in-the-middle-attacks-leading-to-file-interception","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=9534","title":{"rendered":"LocalSend is Vulnerable to Man-in-the-Middle Attacks, Leading to File Interception"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nLocalSend is Vulnerable to Man-in-the-Middle Attacks, Leading to File Interception<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-08-01T23:04:29.207Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-08-01T23:04:29.207Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nlocalsend<\/td>\n<\/tr>\n
Product<\/th>\nlocalsend<\/td>\n<\/tr>\n
Version<\/th>\n<= 1.17.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n9.3 (CRITICAL)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:A\/AC:L\/AT:N\/PR:N\/UI:P\/VC:H\/VI:H\/VA:N\/SC:H\/SI:H\/SA:H<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical Man-in-the-Middle vulnerability in LocalSend’s discovery protocol allows attackers to intercept and modify file transfers, potentially stealing data or injecting malware. This affects versions 1.16.1 and below.<\/td>\n<\/tr>\n
AI Severity<\/th>\nCritical<\/td>\n<\/tr>\n
AI Vendor<\/th>\nLocalSend Community<\/td>\n<\/tr>\n
AI Product<\/th>\nLocalSend<\/td>\n<\/tr>\n
AI Version<\/th>\n1.16.1 and below<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n