CVE-2021-37696

7.1 HIGH

📋 TL;DR

This vulnerability in tmerc-cogs for Red Discord bot allows any user to access sensitive information by crafting a specific MassDM message. It affects all users running vulnerable versions of the MassDM cog. The issue stems from missing authentication checks in the MassDM command implementation.

💻 Affected Systems

Products:
  • tmerc-cogs MassDM cog for Red Discord bot
Versions: All versions before commit 92325be650a6c17940cc52611797533ed95dbbe1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where the MassDM cog is loaded and enabled. The vulnerability exists in the cog's command implementation.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could exfiltrate sensitive bot configuration data, user information, or server secrets through crafted messages, potentially leading to account compromise or data breaches.

🟠

Likely Case

Malicious users exploiting the vulnerability to access bot tokens, API keys, or other configuration secrets stored in the bot's environment.

🟢

If Mitigated

With proper access controls and monitoring, impact would be limited to unauthorized information disclosure that can be quickly detected and contained.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires crafting specific MassDM messages but does not require authentication. The advisory provides enough detail for attackers to develop exploits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Commit 92325be650a6c17940cc52611797533ed95dbbe1

Vendor Advisory: https://github.com/tmercswims/tmerc-cogs/security/advisories/GHSA-ffhm-9c8j-wx9h

Restart Required: Yes

Instructions:

1. Update tmerc-cogs to commit 92325be650a6c17940cc52611797533ed95dbbe1 or later.
2. Restart the Red Discord bot.
3. Verify the MassDM cog loads without errors.

🔧 Temporary Workarounds

Unload MassDM Cog (all)

Temporarily disable the vulnerable MassDM cog until patching is possible:

[p]unload massdm

Disable MassDM Command (all)

Globally disable the vulnerable command while keeping other cog functionality (Red's core command for this is `[p]command disable global <command>`):

[p]command disable global massdm

🧯 If You Can't Patch

  • Immediately unload the MassDM cog using the [p]unload massdm command
  • Implement strict access controls and monitor for unusual MassDM command usage

🔍 How to Verify

Check if Vulnerable:

Check whether the MassDM cog is loaded and whether the installed checkout predates commit 92325be650a6c17940cc52611797533ed95dbbe1

Check Version:

Check git log or cog version information in bot

Verify Fix Applied:

Verify that the current commit hash is 92325be650a6c17940cc52611797533ed95dbbe1 or later, and test that the MassDM command requires proper permissions
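Commit hashes are not ordered, so "92325be… or later" cannot be decided by comparing hash strings; the check that actually answers the question is whether the fix commit is an ancestor of the checked-out HEAD. The following is an added example for that check, not code from tmerc-cogs or Red. It assumes the cog was installed from a git checkout whose directory path you supply (the location of that checkout under Red's data directory is not taken from the advisory and is left as an input here).

```python
"""Check whether a tmerc-cogs git checkout contains the fix for CVE-2021-37696.

Added example; assumes `git` is on PATH and `repo_dir` is a git checkout of
tmerc-cogs. Nothing here is part of tmerc-cogs or Red itself.
"""
import subprocess
import sys

# Fix commit from the vendor advisory (GHSA-ffhm-9c8j-wx9h).
FIX_COMMIT = "92325be650a6c17940cc52611797533ed95dbbe1"


def _git(repo_dir, *args):
    """Run a git command in repo_dir; return the CompletedProcess or None if git is missing."""
    try:
        return subprocess.run(
            ["git", "-C", str(repo_dir), *args],
            capture_output=True, text=True, check=False,
        )
    except FileNotFoundError:  # git binary not installed
        return None


def head_commit(repo_dir):
    """Full SHA of HEAD, or None if repo_dir is not a usable git checkout."""
    proc = _git(repo_dir, "rev-parse", "HEAD")
    if proc is None or proc.returncode != 0:
        return None
    return proc.stdout.strip()


def fix_is_ancestor(repo_dir, fix_commit=FIX_COMMIT):
    """True if HEAD contains fix_commit, False if it does not, None if undeterminable.

    `git merge-base --is-ancestor A B` exits 0 when A is an ancestor of B and 1
    when it is not; any other exit code (not a repo, commit not fetched yet)
    means the answer is unknown rather than "vulnerable".
    """
    proc = _git(repo_dir, "merge-base", "--is-ancestor", fix_commit, "HEAD")
    if proc is None:
        return None
    if proc.returncode == 0:
        return True
    if proc.returncode == 1:
        return False
    return None


def assess(repo_dir):
    """Human-readable verdict for an operator running this from the bot host."""
    status = fix_is_ancestor(repo_dir)
    head = head_commit(repo_dir) or "unknown"
    if status is True:
        return f"patched: HEAD {head[:12]} contains fix commit {FIX_COMMIT[:12]}"
    if status is False:
        return f"VULNERABLE: HEAD {head[:12]} does not contain fix commit {FIX_COMMIT[:12]}"
    return "unknown: not a git checkout, git missing, or fix commit not fetched (run `git fetch`)"


if __name__ == "__main__":
    # Usage: python check_massdm_fix.py /path/to/tmerc-cogs
    print(assess(sys.argv[1] if len(sys.argv) > 1 else "."))
```

An "unknown" result most often means the checkout has not fetched upstream since the fix landed; run `git fetch` in the repo and re-check before treating the host as vulnerable or patched.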

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized MassDM command usage
  • Unusual patterns in MassDM message sending
  • Access to sensitive configuration commands by non-admins

Network Indicators:

  • Unusual Discord API calls from bot related to MassDM functionality

SIEM Query:

Search for 'massdm' command usage by non-administrative users in bot logs
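The two log indicators above (massdm invoked by a non-administrator, and unusual bursts of massdm sending) can be checked with a short script over the bot's logs. What follows is an added example, not code from Red or tmerc-cogs, and the log line format it parses is constructed for the example: Red's default logging does not emit these exact `command_invoked` lines, so adapt the regular expression to whatever your bot actually writes.

```python
"""Flag MassDM indicators in bot command logs (added example; log format is constructed)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines for this example. Format assumed:
#   <timestamp> <level> command_invoked user=<id> guild=<id> command=<name>
# User 1001 plays the role of the single configured bot admin.
SAMPLE_LOG = """\
2021-08-10 12:00:01 INFO command_invoked user=1001 guild=5001 command=massdm
2021-08-10 12:00:05 INFO command_invoked user=2002 guild=5001 command=ping
2021-08-10 12:00:09 INFO command_invoked user=2002 guild=5001 command=massdm
2021-08-10 12:00:12 INFO command_invoked user=2002 guild=5001 command=massdm
2021-08-10 12:00:15 INFO command_invoked user=2002 guild=5001 command=massdm
2021-08-10 12:00:18 INFO command_invoked user=2002 guild=5001 command=massdm
2021-08-10 12:30:00 INFO command_invoked user=3003 guild=5002 command=massdm
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \w+ command_invoked "
    r"user=(?P<user>\d+) guild=(?P<guild>\d+) command=(?P<cmd>\S+)$"
)


def parse_events(text):
    """Turn matching log lines into dicts; unrelated or malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
            "user": int(m["user"]),
            "guild": int(m["guild"]),
            "cmd": m["cmd"].lower(),
        })
    return events


def non_admin_massdm(events, admin_ids):
    """Indicator 1: massdm invoked by a user who is not a configured bot admin."""
    return [e for e in events if e["cmd"] == "massdm" and e["user"] not in admin_ids]


def massdm_bursts(events, max_per_window=3, window=timedelta(minutes=5)):
    """Indicator 2: more than max_per_window massdm calls from one user inside `window`.

    Returns {user_id: peak_count_in_window} for offending users only.
    """
    by_user = defaultdict(list)
    for e in events:
        if e["cmd"] == "massdm":
            by_user[e["user"]].append(e["ts"])
    bursts = {}
    for user, stamps in by_user.items():
        stamps.sort()
        start = 0
        for end in range(len(stamps)):           # sliding window over sorted timestamps
            while stamps[end] - stamps[start] > window:
                start += 1
            count = end - start + 1
            if count > max_per_window:
                bursts[user] = max(count, bursts.get(user, 0))
    return bursts


if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    for e in non_admin_massdm(evs, admin_ids={1001}):
        print(f"{e['ts']} non-admin massdm: user={e['user']} guild={e['guild']}")
    for user, n in massdm_bursts(evs).items():
        print(f"burst: user={user} sent massdm {n} times within 5 minutes")
```

The admin set should come from the bot's own configuration (Red's owner and admin role settings), not be hard-coded; the thresholds are starting points and a single non-admin massdm invocation is worth an alert on its own, since the command should never be reachable by such a user once the fix is applied.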
