CVE-2017-12117
Description
An exploitable improper authorization vulnerability exists in the miner_start API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause access to restricted functionality, resulting in authorization bypass. An attacker can send JSON to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
cpp-ethereum's miner_start JSON-RPC API lacks authorization, allowing remote attackers to bypass authentication and trigger privileged miner operations.
Vulnerability
The vulnerability resides in the miner_start API exposed by cpp-ethereum's JSON-RPC server, as implemented in commit 4e1015743b95821849d001618a7ce82c7c073768. The API lacks proper authorization checks, allowing any remote attacker to trigger functionality intended only for administrative users. The default configuration binds the JSON-RPC interface to 0.0.0.0, making it accessible from any network, and the Content-Type header check is not enforced, enabling CSRF and SSRF attacks [1].
Exploitation
An attacker can send a crafted JSON-RPC request to the miner_start API without any authentication. The lack of authorization means the request is processed as if it came from an administrator. No special network position is required; the interface is reachable remotely if not firewalled. The attacker can exploit the missing Content-Type enforcement to trigger the API via cross-site request forgery (CSRF), tricking a user's browser into sending a request to the exposed JSON-RPC server [1].
Impact
Successful exploitation grants the attacker the ability to start the mining process on the target node. This is an authorization bypass that leads to unauthorized control over the mining functionality. The CVSSv3 score is 4.0 (medium), with the impact limited to integrity loss (low) due to unauthorized state changes. No disclosure of information or denial of service is reported [1].
Mitigation
The vulnerability affects commit 4e1015743b95821849d001618a7ce82c7c073768. As of the publication date (2018-01-19), a fix was not available in the public references. Users should restrict network access to the JSON-RPC interface (e.g., bind to 127.0.0.1), enforce Content-Type headers, and apply network-level access controls until a patched version is released [1].
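One way to apply the mitigations above while no patch is available, as an added example (not code from cpp-ethereum, Talos, or this page): a gate placed in front of the JSON-RPC port that enforces the Content-Type header and restricts administrative methods, including when they arrive inside a batch. The function name, the `miner_`/`admin_` prefix policy, and the shared-token check are assumptions.

```python
import hmac
import ipaddress
import json

# Assumption: prefixes treated as administrative. The page names only miner_start.
RESTRICTED_PREFIXES = ("miner_", "admin_")


def authorize(peer_ip, content_type, body, token=None, admin_token=None):
    """Decide whether to forward one HTTP POST to the JSON-RPC backend.

    Returns (allowed, reason). Hypothetical gate, not cpp-ethereum code.
    """
    # A cross-site form post or "simple" fetch cannot set application/json
    # without a CORS preflight, so requiring it blocks the CSRF path.
    media_type = (content_type or "").split(";", 1)[0].strip().lower()
    if media_type != "application/json":
        return False, "content-type"
    try:
        doc = json.loads(body)
    except (ValueError, RecursionError):
        return False, "malformed"
    # A batch is a JSON array of calls; every element must pass the policy,
    # otherwise a restricted call could ride along with a harmless one.
    calls = doc if isinstance(doc, list) else [doc]
    if not calls:
        return False, "malformed"
    for call in calls:
        if not isinstance(call, dict) or not isinstance(call.get("method"), str):
            return False, "malformed"
        if call["method"].lower().startswith(RESTRICTED_PREFIXES):
            if not ipaddress.ip_address(peer_ip).is_loopback:
                return False, "restricted-remote"
            if not (token and admin_token and hmac.compare_digest(
                    token.encode(), admin_token.encode())):
                return False, "restricted-unauthenticated"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample request, not captured traffic.
    sample = b'{"jsonrpc":"2.0","id":1,"method":"miner_start","params":[]}'
    print(authorize("203.0.113.7", "text/plain", sample))
    print(authorize("203.0.113.7", "application/json", sample))
    print(authorize("127.0.0.1", "application/json", sample, "s3cret", "s3cret"))
```

The gate only helps if the backend itself is bound to 127.0.0.1 so that it cannot be reached around the proxy.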
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Talos/CPP-Ethereum, v5. Range: Ethereum commit 4e1015743b95821849d001618a7ce82c7c073768
Patches
No patches discovered yet.
References
- www.securityfocus.com/bid/102475 (mitre, vdb-entry, x_refsource_BID)
- www.talosintelligence.com/vulnerability_reports/TALOS-2017-0469 (mitre, x_refsource_MISC)