mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-01 15:11:34 +02:00
marc
867 B
867 B
CVE-2020-26895
Description
Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions. This can be exploited by any peer with an open channel regardless of the victim situation (e.g., routing node, payment-receiver, or payment-sender). The impact is a loss of funds in certain situations.
POC
Reference
No PoCs from references.