DerScanner
Home / Vulnerability Database / C-sharp : Undocumented feature: time bomb
C#

C-sharp : Undocumented feature: time bomb

Classification

OWASP ASVS
Malicious Code
CWE
CWE-506CWE-511

Overview

The application uses a current time comparison. Authors of backdoors use this technique to activate malicious functionality at a given moment (timebomb).

When the time bomb is detonated, it may perform a denial of service, such as crashing the system, deleting critical data, or degrading system response time.

References

  1. CWE-511: Logic/Time Bomb
  2. OWASP: Logic/Time Bomb
  3. CWE-506: Embedded Malicious Code
MEDIUM

DerScanner Severity Score

Do you want to fix C-sharp : Undocumented feature: time bomb in your application?

See also

C#

C-sharp : JWT: None Algorithm

C#

C-sharp : Insecure data transmission: Database

C#

C-sharp : Only one of method Equals() and GetHashCode() defined