
CVE-2021-30130: Improper Certificate Validation in phpseclib

CVSS Score: 7.5 (CVSS v3.1)

Basic Information

EPSS Score: 0.37152%
Published: 4/7/2021
Updated: 2/7/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Package Name        | Ecosystem | Vulnerable Versions | First Patched Version
phpseclib/phpseclib | composer  | >= 3.0.0, < 3.0.7   | 3.0.7
phpseclib/phpseclib | composer  | < 2.0.31            | 2.0.31

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from improper PKCS#1 v1.5 signature verification. The GitHub PR #1635 shows fixes in RSA signature verification and ASN.1 handling. Release notes for patched versions specifically mention PKCS#1 v1.5 verification cleanup. The _rsassa_pkcs1_v1_5_verify method is directly responsible for signature validation, and verify() is the public method exposing this functionality. Commit messages reference fixes to ASN.1 decoding and strict signature validation, confirming these functions' involvement.
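To make the distinction between lenient and strict PKCS#1 v1.5 verification concrete, the following added example (written for this page; it is not phpseclib code and does not reproduce the project's patch) implements RSASSA-PKCS1-v1_5 verification the way RFC 8017 section 8.2.2 specifies it, by re-encoding the expected block and comparing it whole, next to a parsing-style check that only scans for the separator and the digest. The RSA key is a constructed toy key built from two Mersenne primes, SHA-256 is an assumed hash choice, and the malformed block is a constructed test vector signed with that toy private key purely to exercise both verifiers.

```python
import hashlib
import hmac

# Constructed toy RSA key from two Mersenne primes (2^127-1 and 2^521-1). It is
# trivially factorable and exists only so the example runs offline; it is not a
# key from phpseclib or from the advisory.
P = (1 << 127) - 1
Q = (1 << 521) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes (81 for this toy key)

# DER-encoded DigestInfo prefix for SHA-256 (RFC 8017, section 9.2, note 1).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def emsa_pkcs1_v15_encode(message: bytes, em_len: int) -> bytes:
    """EMSA-PKCS1-v1_5: EM = 0x00 || 0x01 || PS || 0x00 || T, PS all 0xFF, len(PS) >= 8."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    if em_len < len(t) + 11:
        raise ValueError("intended encoded message length too short")
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t


def rsa_sign_raw(em: bytes) -> bytes:
    """RSASP1 on an already encoded EM (private key operation)."""
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")


def sign(message: bytes) -> bytes:
    return rsa_sign_raw(emsa_pkcs1_v15_encode(message, K))


def recover_em(signature: bytes) -> bytes:
    """RSAVP1: public key operation, result left-padded to the modulus length."""
    if len(signature) != K:
        raise ValueError("signature length does not match modulus length")
    s = int.from_bytes(signature, "big")
    if s >= N:
        raise ValueError("signature representative out of range")
    return pow(s, E, N).to_bytes(K, "big")


def verify_strict(message: bytes, signature: bytes) -> bool:
    """RFC 8017 section 8.2.2: re-encode the message and compare the whole EM.

    No parsing of the recovered block takes place, so padding length, separator
    position and any trailing bytes are all covered by one comparison."""
    try:
        em = recover_em(signature)
    except ValueError:
        return False
    return hmac.compare_digest(em, emsa_pkcs1_v15_encode(message, K))


def verify_lenient(message: bytes, signature: bytes) -> bool:
    """The shape of check a strict verifier replaces: scan for the 0x00 separator,
    then look for DigestInfo + hash at that point and ignore everything else.

    It never checks that PS is at least 8 bytes or that T ends the block, so a
    malformed encoding with the right hash in the right place is accepted."""
    try:
        em = recover_em(signature)
    except ValueError:
        return False
    if em[:2] != b"\x00\x01":
        return False
    sep = em.find(b"\x00", 2)
    if sep < 0:
        return False
    t = em[sep + 1:]
    expected = SHA256_PREFIX + hashlib.sha256(message).digest()
    return t[:len(expected)] == expected


def malformed_em(message: bytes) -> bytes:
    """Constructed test vector: a 4-byte PS (too short) and filler after the digest.
    It is signed with the toy private key purely to exercise both verifiers."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    head = b"\x00\x01" + b"\xff" * 4 + b"\x00" + t
    return head + b"\x00" * (K - len(head))


if __name__ == "__main__":
    msg = b"constructed message"
    good = sign(msg)
    bad = rsa_sign_raw(malformed_em(msg))
    print("valid signature  strict:", verify_strict(msg, good), "lenient:", verify_lenient(msg, good))
    print("malformed block  strict:", verify_strict(msg, bad), "lenient:", verify_lenient(msg, bad))
```

Both verifiers accept the properly formed signature; only the strict one rejects the malformed block, because the comparison covers the full padding string and everything after the digest rather than just the bytes the parser happened to look at. Re-encode-and-compare is the check to use when reviewing a PKCS#1 v1.5 verifier, and a constant-time comparison such as hmac.compare_digest keeps the comparison itself from leaking where the mismatch occurs.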


WAF Protection Rules

WAF Rule

phpseclib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS#1 v1.5 signature verification.
