Vulnerability Description
paymentrequest.py in Electrum before 4.2.2 does not restrict the URL scheme of the r parameter of a payment request (for example, the payment request URL embedded in QR code data), so a file:// URL is accepted and fetched like any other payment request. On Windows, a file:// URL that resolves to a UNC share path makes the client connect to the attacker's SMB server, which can capture the user's credentials. On Linux and UNIX, a file:// URL naming /dev/zero makes the client read an endless stream, leading to a denial of service.
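The check a payment-request parser needs is small: extract the r parameter from the bitcoin: URI and refuse anything that is not an http(s) URL with a host, before any fetch happens. The following is an added example written for this page, not Electrum's own code and not the exact form of the 4.2.2 fix; the function names, the hypothetical merchant host and the sample QR payloads are constructed for illustration.

```python
from typing import Optional, Tuple
from urllib.parse import parse_qs, urlparse

# Only remote http(s) payment requests are acceptable; file:// (and anything
# else the URL library would happily open) is rejected before any I/O.
ALLOWED_SCHEMES = {"http", "https"}


def extract_payment_request_url(uri: str) -> Optional[str]:
    """Return the r= parameter of a bitcoin: URI, or None if there is none."""
    parsed = urlparse(uri)
    if parsed.scheme.lower() != "bitcoin":
        return None
    # bitcoin:<address>?amount=..&r=<url>: the query string carries r=
    params = parse_qs(parsed.query)
    values = params.get("r")
    return values[0] if values else None


def is_safe_payment_request_url(url: str) -> bool:
    """Accept only http(s) URLs that name a host.

    file:////host/share/x (UNC via file://) and file:///dev/zero both fail the
    scheme check; http:///dev/zero (empty host) fails the netloc check.
    """
    p = urlparse(url)
    if p.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    if not p.netloc:
        return False
    return True


def vet_qr_payload(qr_data: str) -> Tuple[str, Optional[str]]:
    """Classify scanned QR data: ('fetch', url), ('reject', url) or ('no-r', None)."""
    url = extract_payment_request_url(qr_data)
    if url is None:
        return ("no-r", None)
    if is_safe_payment_request_url(url):
        return ("fetch", url)
    return ("reject", url)


# Constructed sample payloads (hypothetical hosts and addresses, not real data).
SAMPLES = [
    "bitcoin:bc1qexample?amount=0.01&r=https://merchant.example/pr/123",
    # UNC path via file://: on Windows this would trigger SMB authentication
    "bitcoin:?r=file:////203.0.113.5/share/invoice.bip70",
    # /dev/zero: on Linux/UNIX this would be read forever
    "bitcoin:?r=file:///dev/zero",
    "bitcoin:bc1qexample?amount=0.01",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        verdict, url = vet_qr_payload(sample)
        print(f"{verdict:6} {sample!r} -> {url!r}")
```

Note that the scheme check alone is what closes the hole described above; the host check is an extra guard against malformed http URLs with no authority component. A real client would additionally bound the size of the response it is willing to read.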
CVSS Score
5.5 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Electrum | Electrum | < 4.2.2 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://github.com/spesmilo/electrum/security/advisories/GHSA-4fh4-hx35-r355 (Third Party Advisory)
- https://twitter.com/ElectrumWallet/status/1534540879905665028 (Release Notes, Third Party Advisory)
FAQ
What is CVE-2022-31246?
CVE-2022-31246 is a vulnerability with a CVSS score of 5.5 (MEDIUM). paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename.
How severe is CVE-2022-31246?
CVE-2022-31246 has been rated MEDIUM with a CVSS base score of 5.5/10. The practical impact depends on the platform: on Windows the attacker can capture the user's credentials over SMB, while on Linux and UNIX the result is a denial of service of the wallet client. Exploitation requires the user to scan or open an attacker-supplied payment request.
Is there a patch for CVE-2022-31246?
Yes. The issue is fixed in Electrum 4.2.2; users of earlier versions should upgrade. See the GitHub security advisory GHSA-4fh4-hx35-r355 and the release notes in the references section above. Affected products: Electrum before 4.2.2. Microsoft Windows is listed because the SMB credential-capture impact is specific to Windows hosts; Linux and UNIX hosts are exposed to the denial-of-service variant.