Vulnerability Details : CVE-2018-14732
An issue was discovered in lib/Server.js in webpack-dev-server before 3.1.6. Attackers are able to steal developer's code because the origin of requests is not checked by the WebSocket server, which is used for HMR (Hot Module Replacement). Anyone can receive the HMR message sent by the WebSocket server via a ws://127.0.0.1:8080/ connection from any origin.
Vulnerability category: Input validation
Products affected by CVE-2018-14732
- cpe:2.3:a:webpack.js:webpack-dev-server:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-14732
0.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 57 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-14732
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2018-14732
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-14732
-
https://github.com/webpack/webpack-dev-server/issues/1445
A vulnerability found in webpack-dev-server · Issue #1445 · webpack/webpack-dev-server · GitHubExploit;Third Party Advisory
-
https://github.com/webpack/webpack-dev-server/commit/f18e5adf123221a1015be63e1ca2491ca45b8d10
check origin header for websocket connection · webpack/webpack-dev-server@f18e5ad · GitHubPatch;Third Party Advisory
-
https://blog.cal1.cn/post/Sniffing%20Codes%20in%20Hot%20Module%20Reloading%20Messages
Sniffing Codes in Hot Module Reloading Messages - crblogExploit;Third Party Advisory
Jump to