
CVE-2022-1176: Type Confusion in LiveHelperChat

CVSS Score: 7.5 (CVSS v3.0)

Basic Information

EPSS Score: 0.50585%
Published: 4/1/2022
Updated: 1/27/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name          | Ecosystem | Vulnerable Versions | First Patched Version
remdex/livehelperchat | composer  | < 3.96              | 3.96

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stems from loose comparisons (==) between chat hashes and user input across multiple REST API endpoints. PHP's type juggling allows values like '0e1234' (string) and 0 (integer) to be considered equal via ==, enabling hash bypass. The commit explicitly replaces == with === in these checks, confirming these conditional blocks as the vulnerable points. Each listed file contains a critical access control check that was exploitable via type confusion.
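The loose-versus-strict check described above, as an added illustration that is not LiveHelperChat's own code: the function names and the stored hash are constructed for this example, and the third variant shows the hardened form a reviewer would expect (strict type check plus constant-time comparison).

```php
<?php
// Added example, not code from the LiveHelperChat project. Function names and
// the sample hash are constructed for illustration.
declare(strict_types=1);

// Constructed stand-in for a chat hash stored server-side; the leading "0e"
// followed by digits makes PHP treat it as a numeric string.
const STORED_CHAT_HASH = '0e8327364821';

// Vulnerable pattern (pre-3.96): loose comparison lets PHP juggle types.
function chatHashMatchesLoose(string $stored, $supplied): bool
{
    return $stored == $supplied;
}

// Fixed pattern (3.96): strict comparison, type and value must both match.
function chatHashMatchesStrict(string $stored, $supplied): bool
{
    return $stored === $supplied;
}

// Hardened variant: reject non-strings outright, then compare in constant time
// so the check leaks nothing through timing either.
function chatHashMatchesSafe(string $stored, $supplied): bool
{
    return is_string($supplied) && hash_equals($stored, $supplied);
}

// Values a REST endpoint could receive once request parameters are decoded
// (constructed inputs; an integer arrives when a JSON body sends a number).
$probes = [
    'integer 0'            => 0,
    'numeric string 0e999' => '0e999',
    'exact stored hash'    => STORED_CHAT_HASH,
];

foreach ($probes as $label => $value) {
    printf(
        "%-22s loose=%-5s strict=%-5s safe=%s\n",
        $label,
        var_export(chatHashMatchesLoose(STORED_CHAT_HASH, $value), true),
        var_export(chatHashMatchesStrict(STORED_CHAT_HASH, $value), true),
        var_export(chatHashMatchesSafe(STORED_CHAT_HASH, $value), true)
    );
}
```

Only the exact stored hash passes the strict and hardened checks, whereas the loose check also accepts the integer 0 and the unrelated numeric string, because PHP compares a numeric string against a number, or against another numeric string, as numbers.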


WAF Protection Rules

WAF Rule

Live Helper Chat provides live support for your website. Loose comparison causes IDOR on multiple endpoints in LiveHelperChat prior to 3.96. There is a fix released in versions *.** and *.**. Currently, there is no known workaround.
