CVE-2022-39203

HIGH

matrix-appservice-irc < 0.35.0 - Improper Privilege Management via Channel Combination


Description

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. An attacker can supply a specially crafted string of characters that confuses the bridge into combining an attacker-owned channel with an existing channel, allowing the attacker to grant themselves permissions in that existing channel. The vulnerability has been patched in matrix-appservice-irc 0.35.0. As a workaround, operators may disable dynamic channel joining via `dynamicChannels.enabled`, which prevents users from joining new channels and so prevents any new channels from being bridged beyond those already bridged or specified in the config.

Scores

CVSS v3 8.8
EPSS 0.0031
EPSS Percentile 54.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-269
Status published
Products (2)
matrix/matrix_irc_bridge < 0.35.0
npm/matrix-appservice-irc 0 - 0.35.0
Published Sep 13, 2022
Tracked Since Feb 18, 2026