Miggo Logo

CVE-2020-5232: Malicious takeover of previously owned ENS names

8.7

CVSS Score
3.1

Basic Information

EPSS Score
0.68503%
Published
1/30/2020
Updated
1/29/2023
KEV Status
No
Technology
TechnologyJavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
@ensdomains/ensnpm< 0.4.00.4.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from improper authorization in ownership transfer functions. The core issue was in setSubnodeOwner() which allowed parent node owners to retain control over subnodes after transferring them, as they could call this function again to reset ownership. The setOwner() function similarly lacked mechanisms to prevent previous owners from reclaiming control. The commit diff shows these functions were modified in the patched version (adding return values and authorization checks), and the CWE-285 classification confirms improper authorization was the root cause.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t * us*r w*o owns *n *NS *om*in **n s*t * "tr*p*oor", *llowin* t**m to tr*ns**r own*rs*ip to *not**r us*r, *n* l*t*r r***in own*rs*ip wit*out t** n*w own*r's *ons*nt or *w*r*n*ss. ### P*t***s * n*w *NS **ploym*nt is **in* roll** out t**t *

Reasoning

T** vuln*r**ility st*mm** *rom improp*r *ut*oriz*tion in own*rs*ip tr*ns**r *un*tions. T** *or* issu* w*s in `s*tSu*no**Own*r()` w*i** *llow** p*r*nt no** own*rs to r*t*in *ontrol ov*r su*no**s **t*r tr*ns**rrin* t**m, *s t**y *oul* **ll t*is `*un*ti