CVE-2021-46702

MEDIUM

Tor Browser 9.0.7 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-46702.

AI-analyzed exploit summary The repository contains a functional Bash script that automates the extraction of Tor Browser activity (e.g., visited .onion sites) from a Windows memory dump using Volatility and Bulk Extractor. It demonstrates the information disclosure vulnerability by parsing process memory for HTTP requests and cache records.

Description

Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory.

Exploits (2)

inthewild WORKING POC

poc

https://github.com/malakkf/cve-2021-46702

View Code ZIP pw:eip

The repository contains a functional Bash script that automates the extraction of Tor Browser activity (e.g., visited .onion sites) from a Windows memory dump using Volatility and Bulk Extractor. It demonstrates the information disclosure vulnerability by parsing process memory for HTTP requests and cache records.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Tor Browser 9.0.7 on Windows 10 build 10586

No auth needed

Prerequisites: memory dump of the target system · Volatility with Win10x64_10586 profile · Bulk Extractor

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 23, 2026 Full analysis →

inthewild WORKING POC

poc

https://github.com/exmak-s/cve-2021-46702

View Code ZIP pw:eip

The repository contains a functional Bash script that automates the extraction of Tor Browser activity (visited .onion sites) from a Windows memory dump using Volatility and Bulk Extractor. It demonstrates the information disclosure vulnerability by parsing process memory for HTTP requests and cache records.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Tor Browser 9.0.7 on Windows 10 build 10586

No auth needed

Prerequisites: memory dump of the target system · Volatility with Win10x64_10586 profile · Bulk Extractor

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (1)

Core 1

Core References

Technical Description, Third Party Advisory x_refsource_misc

https://www.sciencedirect.com/science/article/pii/S0167404821001358

Scores

CVSS v3 5.5

EPSS 0.0013

EPSS Percentile 31.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-404

Status published

Products (1)

torproject/tor 9.0.7

Published Feb 26, 2022

Tracked Since Feb 18, 2026