Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
Crypto Flexs
Home»ETHEREUM NEWS»Security Warning – Mist may be vulnerable to malicious DApps.
ETHEREUM NEWS

Security Warning – Mist may be vulnerable to malicious DApps.

By Crypto FlexsApril 2, 20242 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Security Warning – Mist may be vulnerable to malicious DApps.
Share
Facebook Twitter LinkedIn Pinterest Email

Mist leaks some low-level APIs that Dapps can use to access your computer’s file system and read or delete files. This only affects you if you go to an untrusted Dapp that is aware of these vulnerabilities and is specifically trying to attack you. We recommend upgrading Mist to avoid exposure to attacks.

Affected Configurations: All Mist versions below 0.8.6. This vulnerability does not affect Ethereum wallets as it cannot load external DApps.
something that could happen: middle
severity: High

summary

Some Mist API methods are exposed, allowing malicious web pages to access privileged interfaces that can delete files on the local file system, execute registered protocol handlers, and obtain sensitive information such as the user directory or the user’s “coinbase”. It has become possible. Vulnerable exposed Mist API:

mist.shell

mist.dirname

mist.syncMinimongo

web3.eth.coinbase

now

null

If the account is not accepted for dapp

solution

Upgrade to: Latest version of Mist browser. Do not use older versions of Mist to navigate to untrusted webpages or local webpages from unknown sources. Ethereum wallets are not affected as they do not allow external page navigation. This is a reminder that Mist is currently only being considered for Ethereum app development and should not be used by end users to browse the public web until it reaches at least version 1.0. Mist’s external audit is scheduled for December.

a big thank you @tintinweb There is a repro app that is very useful for testing vulnerabilities!

We are also thinking about adding Mist to our bounty program. If you discover any vulnerabilities or serious bugs, please contact us at: bounty@ethereum.org


Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Trump’s memes, which were questioned by the Supreme Democratic Party at the House Judicial Committee,

May 31, 2025

Inrum’s route of $ 100,000 to support this level

May 30, 2025

Bitcoin’s contraction fee can cause fallout of the entire encryption.

May 29, 2025
Add A Comment

Comments are closed.

Recent Posts

The macroeconomic problem stimulates investment in SPOT BITCOIN ETF.

May 31, 2025

Solana’s strategic moment: Can Sol copy the institutional interests of BTC?

May 31, 2025

Trump’s memes, which were questioned by the Supreme Democratic Party at the House Judicial Committee,

May 31, 2025

Major trends in open source funding: Insight for managers

May 31, 2025

ETH, SOL ‘very rare’ Staying ETF may start temporarily -analysts

May 31, 2025

Bitcoin heads for $ 100k, but BTF futures predict recovery

May 31, 2025

The optimistic candlelight formation suggests that the XRP price can touch $ 22.

May 31, 2025

US sanctions technology companies are related to millions of dollars of encryption fraud.

May 31, 2025

LUNC News: Coingecko adds a new Defi site from Terra Luna Classic.

May 31, 2025

Leonardo.ai starts editing high-end omni using Flux.1 and GPT-IMAGE-1

May 31, 2025

Ether Leeum Network Growth, Strong ETH futures support $ 2.4K

May 30, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

The macroeconomic problem stimulates investment in SPOT BITCOIN ETF.

May 31, 2025

Solana’s strategic moment: Can Sol copy the institutional interests of BTC?

May 31, 2025

Trump’s memes, which were questioned by the Supreme Democratic Party at the House Judicial Committee,

May 31, 2025
Most Popular

Kidnappings and home invasion incidents highlight the need for improved physical security in cryptocurrencies.

July 31, 2024

Should you buy or sell?

May 12, 2024

Horizon from Stellar (XLM) speeds up re-collection with CDP technology

November 16, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.