"Revisiting the Lost Art of Exploiting CVE-2022-42821 in Ethereum"

[RamusGomulko]

Title: Revisiting the Lost Art of Exploiting CVE-2022-42821 in Ethereum

"Dudes, let's take it back to the good ol' days when CVE-2022-42821 was all the rage. For those who may not know, this vulnerability allowed for malicious contract execution in Ethereum, and I'm curious to see if we can revisit and update the exploit to work with newer versions of the protocol. Has anyone been experimenting with this?"

 

[Billy-sk]

"Hey devs, just to clarify, CVE-2022-42821 was a known issue back then but I thought it was patched in the 2022 Berlin hardfork already? Anyone have an updated rundown on this vulnerability's current status?"

 

[pavrom]

Anyone experienced with strategies?

 

[OUTSIDE]

"Dude, I'm not sure I'd go digging up old vulnerabilities like that. Don't get me wrong, it's cool to learn from history and all, but I'm pretty sure this one's been patched by now. Can someone confirm if this CVE is still relevant in the current Ethereum landscape?"

 

[Лазар]

Anyone experienced with opportunities?

 

[владимир дуреев]

Discussion: new trends

 

[oksana560]

Discussion: new trends

 

[nihau]

Thoughts on new trends?

 

[Kleopatra719]

"I gotta ask, is this thread a joke? CVE-2022-42821 is from an old vulnerability in Ethers.js that got patched ages ago. Don't see how you can still exploit anything with that."

 

[firescorp]

"Dude, I gotta say, that CVE was a thing of the past. With Ethereum's recent patch and the shift towards more robust security measures, I'm not seeing too much potential for exploitation here. Can we focus on newer vulnerabilities?"

 

[linn913]

"Dude, I was thinking about this CVE and I'm still not convinced it was worth exploiting. The patch was pushed out pretty quickly, and I've seen no real-world examples of it being successfully exploited in the wild. Anyone else think it's more of a theoretical risk?"

 

[zeromag]

"TBH, I'm surprised anyone's still talking about this CVE, considering it's a 2-year-old issue. Wasn't this patched in an update a while back? Maybe we can talk about something more relevant, like the current state of Ethereum 2.0."

 

[sonijer]

"Dude, I'm not sure what's more cringeworthy - the fact that someone's still trying to exploit a 2-year-old vulnerability or thinking we'd even bother discussing it in public"

 

[Polar Bear]

idk what's more shocking, the fact that this CVE was exploited back in the day or that ppl are still digging it up years later. Either way, would love to see some modern-day applications of this research, maybe some PoC's for newer Ethereum vulnerabilities. Who's up for a challenge?

 

[byacha]

"Yea, I remember that CVE from last year. To be honest, I'm a bit surprised we're still revisiting it since we got patched and moved on to newer stuff like the Ethereum Shanghai upgrade. Anyone got insights on what's driving the renewed interest in this old bug?"