
Laanwj

#15707 of 53,632
17.3 Total CVSS
Vulnerabilities · 2
High: 1
Critical: 1
PT-2024-10566 · CVSS 9.8 · 2024-11-18
Bitcoin · Bitcoin Core · CVE-2015-20111
CVE-2015-20111: miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in conjunction with CVE-2015-6031 exploitation. (@cveNotify)
PT-2021-19612 · CVSS 7.5 · 2021-01-21
Unknown · Bitcoin Core · CVE-2021-3195
Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions through 0.21.0

Description: The issue allows bitcoind to create a new file in an arbitrary directory, such as outside the ~/.bitcoin directory, via a "dumpwallet" RPC call. This reportedly does not violate the security model of Bitcoin Core but can violate the security model of a fork that has implemented dumpwallet restrictions.

Recommendations: For versions through 0.21.0, as a temporary workaround, consider restricting the use of the "dumpwallet" RPC call until a more permanent solution is available. Restrict access to arbitrary directories to minimize the risk of exploitation.