TROYANOSYVIRUS
Voltar para CVEs

CVE-2026-22866

HIGH
7.5

Descricao

Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the `RSASHA256Algorithm` and `RSASHA1Algorithm` contracts fail to validate PKCS#1 v1.5 padding structure when verifying RSA signatures. The contracts only check if the last 32 (or 20) bytes of the decrypted signature match the expected hash. This enables Bleichenbacher's 2006 signature forgery attack against DNS zones using RSA keys with low public exponents (e=3). Two ENS-supported TLDs (.cc and .name) use e=3 for their Key Signing Keys, allowing any domain under these TLDs to be fraudulently claimed on ENS without DNS ownership. Apatch was merged at commit c76c5ad0dc9de1c966443bd946fafc6351f87587. Possible workarounds include deploying the patched contracts and pointing DNSSECImpl.setAlgorithm to the deployed contract.

Detalhes CVE

Pontuacao CVSS v3.17.5
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado2/25/2026
Ultima modificacao3/13/2026
Fontenvd
Avistamentos honeypot0

Produtos afetados

ens.domains:ethereum_name_service

Fraquezas (CWE)

CWE-347

Referencias

https://github.com/ensdomains/ens-contracts-bug-62248-pr-509(security-advisories@github.com)
https://github.com/ensdomains/ens-contracts/commit/c76c5ad0dc9de1c966443bd946fafc6351f87587(security-advisories@github.com)
https://github.com/ensdomains/ens-contracts/security/advisories/GHSA-c6rr-7pmc-73wc(security-advisories@github.com)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.