Miggo Logo
Book a Demo
Miggo Vulnerability Database
CVE-2018-21036

CVE-2018-21036:
Improper Input Validation in sails-hook-sockets

7.5

CVSS Score

Basic Information

CVE ID
CVE-2018-21036
GHSA ID
GHSA-f7f4-hqp2-7prc
EPSS Score
-
CWE
CWE-20
Published
7/24/2020
Updated
2/1/2023
KEV Status
No
Technology
TechnologyJavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
sails-hook-socketsnpm< 1.5.51.5.5

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from improper handling of empty pathnames in WebSocket requests. The commit 0533a48 explicitly fixes this by adding a fallback to '/' when url.parse() returns a null pathname. The affected code in ToReceiveIncomingSailsIOMsg (in lib/receive-incoming-sails-io-msg.js) directly processes incoming messages and constructs the request object. The lack of input validation for pathname before the patch made this function vulnerable to type errors when handling malformed requests.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

S*ils.js ***or* v*.*.*-** *llows *tt**k*rs to **us* * **ni*l o* s*rvi** wit* * sin*l* r*qu*st ****us* t**r* is no *rror **n*l*r in s*ils-*ook-so*k*ts to **n*l* *n *mpty p*t*n*m* in * W**So*k*t r*qu*st.

Reasoning

T** vuln*r**ility st*mm** *rom improp*r **n*lin* o* *mpty p*t*n*m*s in W**So*k*t r*qu*sts. T** *ommit ******* *xpli*itly *ix*s t*is *y ***in* * **ll***k to '/' w**n url.p*rs*() r*turns * null p*t*n*m*. T** *****t** *o** in ToR***iv*In*omin*S*ilsIOMs*