3.1

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2021-22898

CVE-2021-22898: curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option,...

curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2021-22898

CVE-2021-22898:

3.1

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability CVE-2021-22898 describes an information disclosure in curl's TELNET option parser. The provided commit 39ce47f219b09c380b81f89fe54ac586c8db6bde directly addresses this. The patch modifies the suboption function in lib/telnet.c. The key change is the addition of a check for the return value of sscanf. Previously, sscanf was called to parse variable=content pairs, but its return value (number of items successfully matched) was not checked. If the input string v->data did not contain a comma (e.g., only a variable name was provided), varval would not be initialized by sscanf. Subsequently, the potentially uninitialized varval (which could contain sensitive data from the stack) was used in msnprintf to construct the TELNET NEW_ENV option string, which was then sent to the server. The fix ensures that sscanf successfully matches and populates both varname and varval (returns 2) before proceeding, thus preventing the use of uninitialized data.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

3.1

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2021-22898: curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option,...

CVE-2021-22898:

3.1

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Technical Details

3.1

3.1

CVE-2021-22898: curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option,...

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI