Home

Description

A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file modules/zerogod/zerogod_ipp_primitives.go of the component zerogod IPP Service. Performing a manipulation results in integer coercion error. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitation appears to be difficult. The exploit is now public and may be used. The patch is named 3731d5576cffae9eefe3721cd46a40933304129f. To fix this issue, it is recommended to deploy a patch.

PUBLISHED Reserved 2026-05-10 | Published 2026-05-11 | Updated 2026-05-11 | Assigner VulDB




MEDIUM: 6.3CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
LOW: 3.7CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
LOW: 3.7CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
2.6AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C

Problem types

Integer Coercion Error

Numeric Error

Timeline

2026-05-10:Advisory disclosed
2026-05-10:VulDB entry created
2026-05-10:VulDB entry last update

Credits

dapickle (VulDB User) reporter

References

vuldb.com/vuln/362572 (VDB-362572 | bettercap zerogod IPP Service zerogod_ipp_primitives.go ippReadChunkedBody integer coercion) vdb-entry technical-description

vuldb.com/vuln/362572/cti (VDB-362572 | CTI Indicators (IOB, IOC, IOA)) signature permissions-required

vuldb.com/submit/811145 (Submit #811145 | bettercap <=v2.41.5 Integer Coercion Error) third-party-advisory

github.com/bettercap/bettercap/issues/1263 issue-tracking

github.com/bettercap/bettercap/pull/1264 issue-tracking patch

github.com/user-attachments/files/26852847/poc.py exploit

github.com/...ommit/3731d5576cffae9eefe3721cd46a40933304129f patch

github.com/bettercap/bettercap/ product

cve.org (CVE-2026-8275)

nvd.nist.gov (CVE-2026-8275)

Download JSON