CVE-2021-23594: Prototype Pollution in realms-shim

CVSS Score: 9.8 (CVSS 3.1)

Basic Information

EPSS Score: 0.67151%
Published: 1/12/2022
Updated: 2/3/2023
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package Name: realms-shim
Ecosystem: npm
Vulnerable Versions: <= 1.2.2
First Patched Version: (none listed)

Vulnerability Intelligence
Root Cause Analysis

The PoC demonstrates prototype pollution via realm.evaluate() by manipulating stackTrace.__proto__.__proto__. The evaluate function is the primary execution mechanism for realm contexts, and its failure to properly isolate prototype chains from evaluated code enables sandbox escape. The attack modifies Error.prepareStackTrace's handling to access and pollute outer prototypes, which indicates insufficient prototype isolation in the code evaluation implementation.

WAF Protection Rules

WAF Rule

All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector.
