CVE-2021-32795

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-32795
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32795.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-32795
Related
  • GHSA-5v34-4prm-9474
Published
2021-07-26T20:15:08Z
Modified
2025-01-15T01:54:52.090493Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

ArchiSteamFarm (ASF) is a C# application whose primary purpose is idling Steam cards from multiple accounts simultaneously. Versions prior to 4.3.1.0 contain a denial-of-service (DoS) vulnerability that allows an attacker to remotely crash a running ASF instance by sending a specifically crafted Steam chat message. The user sending the message does not need to be authorized within the bot or the ASF process. The attacker needs to know ASF's CommandPrefix in advance, but the majority of ASF setups run with the unchanged default value. This attack does not allow the attacker to gain any potentially sensitive information, such as logins or passwords, and does not allow them to execute arbitrary commands or otherwise exploit the crash further. The issue is patched in ASF V4.3.1.0. The only workaround that guarantees complete protection is running all bots with an OnlineStatus of 0 (Offline). In this setup, ASF is able to ignore even the specifically crafted message without attempting to interpret it.

Affected packages

Git / github.com/justarchinet/archisteamfarm

Affected ranges

Type
GIT
Repo
https://github.com/justarchinet/archisteamfarm
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

0.*

0.1
0.2
0.2.1
0.2.2
0.2.2.1
0.3
0.4.0.0
0.5.0.0
0.6.0.0
0.7.0.0
0.7.0.0-pre1
0.8.0.0
0.8.0.0-pre1
0.8.0.0-pre2
0.9.0.0
0.9.0.0-pre1
0.9.0.0-pre2
0.9.0.0-pre3
0.9.0.0-pre4
0.9.1.0

1.*

1.0.0.0
1.0.0.0-pre1
1.0.0.0-pre2
1.1.0.0
1.1.0.0-pre1
1.2.0.0
1.2.0.0-pre2
1.2.0.0-pre3
1.2.1.0
1.2.2.0
1.2.3.0
1.2.4.0
1.3.0.0
1.3.0.0-pre1
1.3.0.0-pre2
1.4.0.0
1.4.0.0-pre1
1.4.0.0-pre2
1.4.0.0-pre3
1.4.1.0
1.5.0.0
1.5.0.0-pre1
1.5.0.0-pre2
1.5.0.0-pre3
1.5.0.0-pre4
1.5.0.0-pre5
1.5.0.0-pre6
1.5.0.0-pre7
1.5.0.0-pre8
1.6.0.0
1.6.0.0-pre1
1.6.0.0-pre2
1.6.0.0-pre3
1.6.0.0-pre4
1.6.0.0-pre5
1.6.1.0
1.7.0.0-pre1

2.*

2.0.0.0-pre1
2.0.0.0-pre2
2.0.0.0-pre3
2.0.0.0-pre4
2.0.0.1
2.0.0.10
2.0.0.2
2.0.0.3
2.0.0.4
2.0.0.5
2.0.0.6
2.0.0.7
2.0.0.8
2.0.0.9
2.0.1.0
2.0.1.1
2.0.1.2
2.0.1.3
2.0.1.4
2.0.1.5
2.0.1.6
2.0.1.7
2.0.1.8
2.0.1.9
2.0.2.0
2.0.2.1
2.0.2.2
2.0.2.3
2.0.2.4
2.0.2.5
2.0.2.6
2.0.2.7
2.0.2.8
2.0.2.9
2.0.3.0
2.0.3.1
2.0.3.2
2.0.3.3
2.0.3.4
2.0.3.5
2.0.3.6
2.0.3.7
2.0.3.8
2.0.3.9
2.0.4.0
2.0.4.1
2.0.4.2
2.0.4.3
2.0.4.4
2.0.4.5
2.0.4.6
2.0.4.7
2.0.4.8
2.0.4.9
2.0.5.0
2.0.5.1
2.0.5.2
2.0.5.3
2.0.5.4
2.0.5.5
2.0.5.6
2.0.5.7
2.0.5.8
2.0.5.9
2.1.0.0
2.1.0.1
2.1.0.2
2.1.0.3
2.1.0.4
2.1.0.5
2.1.0.6
2.1.0.7
2.1.0.8
2.1.0.9
2.1.1.0
2.1.1.1
2.1.1.2
2.1.1.3
2.1.1.4
2.1.1.5
2.1.1.6
2.1.1.7
2.1.1.8
2.1.1.9
2.1.2.0
2.1.2.1
2.1.2.2
2.1.2.3
2.1.2.4
2.1.2.5
2.1.2.6
2.1.2.7
2.1.2.8
2.1.2.9
2.1.3.0
2.1.3.1
2.1.3.2
2.1.3.3
2.1.3.4
2.1.3.5
2.1.3.6
2.1.3.7
2.1.3.8
2.1.3.9
2.1.4.0
2.1.4.1
2.1.4.2
2.1.4.3
2.1.4.4
2.1.4.5
2.1.4.6
2.1.4.7
2.1.4.8
2.1.4.9
2.1.5.0
2.1.5.1
2.1.5.2
2.1.5.3
2.1.5.4
2.1.5.5
2.1.5.6
2.1.5.7
2.1.5.8
2.1.5.9
2.1.6.0
2.1.6.1
2.1.6.2
2.1.6.3
2.1.6.4
2.1.6.5
2.1.6.6
2.1.6.7
2.1.6.8
2.1.6.9
2.1.7.0
2.1.7.1
2.1.7.2
2.1.7.3
2.1.7.4
2.1.7.5
2.1.7.6
2.1.7.7
2.1.7.8
2.1.7.9
2.1.8.0
2.1.8.1
2.2.0.0
2.2.0.1
2.2.0.2
2.2.0.3
2.2.0.4
2.2.0.5
2.2.0.6
2.2.0.7
2.2.0.8
2.2.0.9
2.2.1.0
2.2.1.1
2.2.1.2
2.2.1.3
2.2.1.4
2.2.1.5
2.2.1.6
2.2.1.7
2.2.1.8
2.2.1.9
2.2.2.0
2.2.2.1
2.2.2.2
2.2.2.3
2.2.2.4
2.2.2.5
2.2.2.6
2.2.2.7
2.2.2.8
2.2.2.9
2.2.3.0
2.2.3.1
2.2.3.2
2.2.3.3
2.2.3.4
2.2.3.5
2.2.3.6
2.2.3.7
2.2.3.8
2.3.0.0
2.3.0.1
2.3.0.2
2.3.0.3
2.3.0.4
2.3.0.5
2.3.0.6
2.3.0.7
2.3.0.8
2.3.0.9
2.3.1.0
2.3.1.1
2.3.1.2
2.3.1.3
2.3.1.4
2.3.1.5
2.3.1.6
2.3.1.7
2.3.1.8
2.3.1.9
2.3.2.0
2.3.2.1
2.3.2.2
2.3.2.3
2.3.2.4

3.*

3.0.0.0
3.0.0.1
3.0.0.2
3.0.0.3
3.0.0.4
3.0.0.5
3.0.0.6
3.0.0.7
3.0.0.8
3.0.0.9
3.0.1.0
3.0.1.1
3.0.1.2
3.0.1.3
3.0.1.4
3.0.1.5
3.0.1.6
3.0.1.7
3.0.1.8
3.0.1.9
3.0.2.0
3.0.2.1
3.0.2.2
3.0.2.3
3.0.2.4
3.0.2.5
3.0.2.6
3.0.2.7
3.0.2.8
3.0.2.9
3.0.3.0
3.0.3.1
3.0.3.2
3.0.3.3
3.0.3.4
3.0.3.5
3.0.3.6
3.0.3.7
3.0.3.8
3.0.3.9
3.0.4.0
3.0.4.1
3.0.4.2
3.0.4.3
3.0.4.4
3.0.4.5
3.0.4.6
3.0.4.7
3.0.4.8
3.0.4.9
3.0.5.0
3.0.5.1
3.0.5.2
3.0.5.3
3.0.5.4
3.0.5.5
3.0.5.6
3.0.5.7
3.0.5.8
3.0.5.9
3.0.6.0
3.1.0.0
3.1.0.1
3.1.0.2
3.1.0.3
3.1.0.4
3.1.0.5
3.1.0.6
3.1.0.7
3.1.0.8
3.1.0.9
3.1.1.0
3.1.1.1
3.1.1.2
3.1.1.3
3.1.1.4
3.1.1.5
3.1.1.6
3.1.1.7
3.1.1.8
3.1.1.9
3.1.2.0
3.1.2.1
3.1.2.2
3.1.2.3
3.1.2.4
3.1.2.5
3.1.2.6
3.1.2.7
3.1.2.8
3.1.2.9
3.1.3.0
3.1.3.1
3.1.3.2
3.1.3.3
3.1.3.4
3.2.0.0
3.2.0.1
3.2.0.2
3.2.0.3
3.2.0.4
3.2.0.5
3.3.0.0
3.3.0.1
3.3.0.2
3.3.0.3
3.3.0.4
3.3.0.5
3.3.0.6
3.3.0.7
3.3.0.8
3.3.0.9
3.4.0.0
3.4.0.1
3.4.0.2
3.4.0.3
3.4.0.4
3.4.0.5
3.4.0.6
3.4.0.7
3.4.0.8
3.4.0.9
3.4.1.0
3.4.1.1
3.4.1.2
3.4.1.3
3.4.1.4
3.4.1.5
3.4.1.6
3.4.1.7
3.4.1.8
3.4.2.0
3.4.2.1
3.4.2.2

4.*

4.0.0.0
4.0.0.1
4.0.0.2
4.0.0.3
4.0.0.4
4.0.0.5
4.0.0.6
4.0.0.7
4.0.0.8
4.0.0.9
4.0.1.0
4.0.1.1
4.0.1.2
4.0.1.3
4.0.1.4
4.0.1.5
4.0.1.6
4.0.1.7
4.0.1.8
4.0.1.9
4.0.2.0
4.0.2.1
4.0.2.2
4.0.2.3
4.0.2.4
4.0.2.5
4.0.2.6
4.0.2.7
4.0.2.8
4.0.2.9
4.0.3.0
4.0.3.1
4.0.3.2
4.0.3.3
4.0.3.4
4.0.3.5
4.0.3.6
4.0.3.7
4.0.3.8
4.0.3.9
4.0.4.0
4.0.4.1
4.0.4.2
4.0.4.3
4.1.0.0
4.1.0.1
4.1.0.2
4.1.0.3
4.1.0.4
4.1.0.5
4.1.0.6
4.1.0.7
4.1.0.8
4.1.0.9
4.1.1.0
4.1.1.1
4.1.1.2
4.1.1.3
4.1.1.4
4.1.1.5
4.1.1.6
4.1.1.7
4.1.1.8
4.1.1.9
4.1.2.0
4.1.2.1
4.1.2.2
4.1.2.3
4.2.0.0
4.2.0.1
4.2.0.2
4.2.0.3
4.2.0.4
4.2.0.5
4.2.0.6
4.2.0.7
4.2.0.8
4.2.0.9
4.2.1.0
4.2.1.1
4.2.1.2
4.2.1.3
4.2.1.4
4.2.1.5
4.2.1.6
4.2.1.7
4.2.1.8
4.2.1.9
4.2.2.0
4.2.2.1
4.2.2.2
4.2.2.3
4.2.2.4
4.2.2.5
4.2.2.6
4.2.2.7
4.2.2.8
4.2.2.9
4.2.3.0
4.2.3.1
4.2.3.2
4.2.3.3
4.2.3.4
4.2.3.5
4.2.3.6
4.2.3.7
4.2.3.8
4.2.3.9
4.2.4.0
4.3.0.0
4.3.0.1
4.3.0.2
4.3.0.3
4.3.0.4
4.3.0.5
4.3.0.6
4.3.0.7