CVE-2022-24073 – A vulnerability in Whale browser's Web Request ... (How to Fix)

Q: What is the severity of CVE-2022-24073?

CVE-2022-24073 has a CVSS score of 7.1 (HIGH). A vulnerability in Whale browser's Web Request API allowed malicious extensions to block access to the extension store or redirect users to arbitrary URLs when attempting to visit the store. This affects Whale browser users with vulnerable extensions installed before version 3.12.129.18.

📋 TL;DR

A vulnerability in Whale browser's Web Request API allowed malicious extensions to block access to the extension store or redirect users to arbitrary URLs when attempting to visit the store. This affects Whale browser users with vulnerable extensions installed before version 3.12.129.18.

💻 Affected Systems

Products:

Whale browser

Versions: All versions before 3.12.129.18

Operating Systems: Windows, macOS

Default Config Vulnerable: ⚠️ Yes

Notes: Requires a malicious or compromised extension to exploit the vulnerability.

📦 What is this software?

Whale by Navercorp

View all CVEs affecting Whale →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Users are redirected to phishing sites or malware distribution pages when trying to access the legitimate extension store, leading to credential theft or system compromise.

🟠

Likely Case

Users experience disruption accessing the extension store or are redirected to unwanted advertising pages.

🟢

If Mitigated

With updated browser and careful extension management, impact is limited to temporary inconvenience.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires user to install a malicious extension first.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.12.129.18 and later

Vendor Advisory: https://cve.naver.com/detail/cve-2022-24073

Restart Required: Yes

Instructions:

1. Open Whale browser. 2. Click menu (three dots) → Help → About Whale. 3. Browser will automatically check for and install updates. 4. Restart browser when prompted.

🔧 Temporary Workarounds

Disable suspicious extensions

all

Remove or disable extensions that are not from trusted sources

Open Whale browser → Menu → More tools → Extensions → Toggle off or remove suspicious extensions

🧯 If You Can't Patch

Use alternative browsers for accessing extension stores
Implement network filtering to block redirects to unknown domains

🔍 How to Verify

Check if Vulnerable:

Check browser version in menu → Help → About Whale. If version is below 3.12.129.18, system is vulnerable.

Check Version:

whale://version/ (in browser address bar)

Verify Fix Applied:

Confirm browser version is 3.12.129.18 or higher after update.

📡 Detection & Monitoring

Log Indicators:

Unexpected redirects from store.whale.naver.com to external domains
Extension installation/update failures

Network Indicators:

HTTP 302 redirects from extension store to suspicious domains
DNS queries to unexpected domains after accessing store

SIEM Query:

url:store.whale.naver.com AND (status_code:302 OR dest_ip:[external_suspicious_ips])

📊 Metadata

CVE ID: CVE-2022-24073

CVSS v3 Score: 7.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

CWE: CWE-648

Published: March 17, 2022

Last Updated: November 21, 2024

🔗 References

https://cve.naver.com/detail/cve-2022-24073 Vendor Advisory
https://cve.naver.com/detail/cve-2022-24073 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-24073, you might also want to check these: