Vulnerability-Lookup

CNVD-2021-60549

Vulnerability from cnvd - Published: 2021-08-10

Title

MuWire信息泄露漏洞

Description

MuWire是开源的一个文件发布和网络工具，使用12P技术保护其用户的身份。 MuWire 0.8.8版之前的桌面客户端存在安全漏洞，攻击者可利用该漏洞发送主题行包含带有HTML图像标签的URL的消息时，MuWire客户端将尝试通过clearnet获取该图像，从而暴露用户的IP地址。

Severity

低

Patch Name

MuWire信息泄露漏洞的补丁

Patch Description

MuWire是开源的一个文件发布和网络工具，使用12P技术保护其用户的身份。 MuWire 0.8.8版之前的桌面客户端存在安全漏洞，攻击者可利用该漏洞发送主题行包含带有HTML图像标签的URL的消息时，MuWire客户端将尝试通过clearnet获取该图像，从而暴露用户的IP地址。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/zlatinb/muwire/security/advisories/GHSA-68xh-9h7w-64qg

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-32750

Impacted products

Name
MuWire MuWire <0.8.8

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-32750"
    }
  },
  "description": "MuWire\u662f\u5f00\u6e90\u7684\u4e00\u4e2a\u6587\u4ef6\u53d1\u5e03\u548c\u7f51\u7edc\u5de5\u5177\uff0c\u4f7f\u752812P\u6280\u672f\u4fdd\u62a4\u5176\u7528\u6237\u7684\u8eab\u4efd\u3002\n\nMuWire 0.8.8\u7248\u4e4b\u524d\u7684\u684c\u9762\u5ba2\u6237\u7aef\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53d1\u9001\u4e3b\u9898\u884c\u5305\u542b\u5e26\u6709HTML\u56fe\u50cf\u6807\u7b7e\u7684URL\u7684\u6d88\u606f\u65f6\uff0cMuWire\u5ba2\u6237\u7aef\u5c06\u5c1d\u8bd5\u901a\u8fc7clearnet\u83b7\u53d6\u8be5\u56fe\u50cf\uff0c\u4ece\u800c\u66b4\u9732\u7528\u6237\u7684IP\u5730\u5740\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/zlatinb/muwire/security/advisories/GHSA-68xh-9h7w-64qg",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-60549",
  "openTime": "2021-08-10",
  "patchDescription": "MuWire\u662f\u5f00\u6e90\u7684\u4e00\u4e2a\u6587\u4ef6\u53d1\u5e03\u548c\u7f51\u7edc\u5de5\u5177\uff0c\u4f7f\u752812P\u6280\u672f\u4fdd\u62a4\u5176\u7528\u6237\u7684\u8eab\u4efd\u3002\r\n\r\nMuWire 0.8.8\u7248\u4e4b\u524d\u7684\u684c\u9762\u5ba2\u6237\u7aef\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53d1\u9001\u4e3b\u9898\u884c\u5305\u542b\u5e26\u6709HTML\u56fe\u50cf\u6807\u7b7e\u7684URL\u7684\u6d88\u606f\u65f6\uff0cMuWire\u5ba2\u6237\u7aef\u5c06\u5c1d\u8bd5\u901a\u8fc7clearnet\u83b7\u53d6\u8be5\u56fe\u50cf\uff0c\u4ece\u800c\u66b4\u9732\u7528\u6237\u7684IP\u5730\u5740\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "MuWire\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "MuWire MuWire \u003c0.8.8"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-32750",
  "serverity": "\u4f4e",
  "submitTime": "2021-07-16",
  "title": "MuWire\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2021-32750 (GCVE-0-2021-32750)

Vulnerability from cvelistv5 – Published: 2021-07-15 16:35 – Updated: 2024-08-03 23:33

Title

De-anonymization via message

Summary

MuWire is a file publishing and networking tool that protects the identity of its users by using I2P technology. Users of MuWire desktop client prior to version 0.8.8 can be de-anonymized by an attacker who knows their full ID. An attacker could send a message with a subject line containing a URL with an HTML image tag and the MuWire client would try to fetch that image via clearnet, thus exposing the IP address of the user. The problem is fixed in MuWire 0.8.8. As a workaround, users can disable messaging functionality to prevent other users from sending them malicious messages.

Severity

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/zlatinb/muwire/security/adviso…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
zlatinb	muwire	Affected: < 0.8.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:33:55.577Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/zlatinb/muwire/security/advisories/GHSA-68xh-9h7w-64qg"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "muwire",
          "vendor": "zlatinb",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.8.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "MuWire is a file publishing and networking tool that protects the identity of its users by using I2P technology. Users of MuWire desktop client prior to version 0.8.8 can be de-anonymized by an attacker who knows their full ID. An attacker could send a message with a subject line containing a URL with an HTML image tag and the MuWire client would try to fetch that image via clearnet, thus exposing the IP address of the user. The problem is fixed in MuWire 0.8.8. As a workaround, users can disable messaging functionality to prevent other users from sending them malicious messages."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-15T16:35:09.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/zlatinb/muwire/security/advisories/GHSA-68xh-9h7w-64qg"
        }
      ],
      "source": {
        "advisory": "GHSA-68xh-9h7w-64qg",
        "discovery": "UNKNOWN"
      },
      "title": "De-anonymization via message",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-32750",
          "STATE": "PUBLIC",
          "TITLE": "De-anonymization via message"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "muwire",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 0.8.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "zlatinb"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MuWire is a file publishing and networking tool that protects the identity of its users by using I2P technology. Users of MuWire desktop client prior to version 0.8.8 can be de-anonymized by an attacker who knows their full ID. An attacker could send a message with a subject line containing a URL with an HTML image tag and the MuWire client would try to fetch that image via clearnet, thus exposing the IP address of the user. The problem is fixed in MuWire 0.8.8. As a workaround, users can disable messaging functionality to prevent other users from sending them malicious messages."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/zlatinb/muwire/security/advisories/GHSA-68xh-9h7w-64qg",
              "refsource": "CONFIRM",
              "url": "https://github.com/zlatinb/muwire/security/advisories/GHSA-68xh-9h7w-64qg"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-68xh-9h7w-64qg",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-32750",
    "datePublished": "2021-07-15T16:35:10.000Z",
    "dateReserved": "2021-05-12T00:00:00.000Z",
    "dateUpdated": "2024-08-03T23:33:55.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2021-60549

CVE-2021-32750 (GCVE-0-2021-32750)

Tags

Sightings

Nomenclature