CVE-2018-25022Sensitive Information Exposure in Toxcore

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
3.1LOWNVD
EPSS
0.3%
top 46.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Toktok ToxcoreDebian Libtoxcore
Timeline
PublishedDec 13
Latest updateDec 14

Description

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address (when knowing only their Tox Id) by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion connection with the attacker, guessing the target's DHT public key and creating a DHT node with public key close to it, and finally onion-routing a NAT Ping Request to the target, requesting it to ping the

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages2 packages

NVDtoktok/toxcore< 0.2.2
debiandebian/libtoxcore< libtoxcore 0.2.2-1 (bookworm)

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-47vr-crpx-w72f: The Onion module in toxcore before 02021-12-14
OSV
CVE-2018-25022: The Onion module in toxcore before 02021-12-13

📋Vendor Advisories

1
Debian
CVE-2018-25022: libtoxcore - The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be o...2018
CVE-2018-25022 — Sensitive Information Exposure | cvebase