Miggo Logo
Miggo Vulnerability Database
CVE-2019-19771

CVE-2019-19771:
lodahs is malware

8.8

CVSS Score
3.1

Basic Information

CVE ID
CVE-2019-19771
GHSA ID
GHSA-hm6q-r2jc-cpqh
EPSS Score
0.62446%
CWE
CWE-506
Published
12/16/2019
Updated
9/6/2023
KEV Status
No
Technology
TechnologyJavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
lodahsnpm>= 0.0.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The advisory explicitly states the entire package is malware (CWE-506) designed to exfiltrate cryptocurrency wallets, but no specific functions are disclosed in available sources. The npm registry entry now shows a security placeholder rather than original code, and there are no commit diffs/patches to analyze. Without access to the original malicious implementation details or function names from historical versions, we cannot confidently identify specific vulnerable functions. The malware's behavior would likely involve file scanning and network exfiltration functions, but these cannot be mapped to concrete code paths with the provided information.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ll v*rsions o* t*is p**k*** *ont*in** m*lw*r*. T** p**k*** w*s **si*n** to *in* *n* *x*iltr*t* *rypto*urr*n*y w*ll*ts. ## R**omm*n**tion *ny *omput*r t**t **s t*is p**k*** inst*ll** or runnin* s*oul* ** *onsi**r** *ully *ompromis**. *ll s**r*ts *

Reasoning

T** **visory *xpli*itly st*t*s t** *ntir* p**k*** is m*lw*r* (*W*-***) **si*n** to *x*iltr*t* *rypto*urr*n*y w*ll*ts, *ut no sp**i*i* *un*tions *r* *is*los** in *v*il**l* sour**s. T** `npm` r**istry *ntry now s*ows * s**urity pl****ol**r r*t**r t**n