CVE-2022-31164

7.5 HIGH

📋 TL;DR

CVE-2022-31164 is an authentication bypass vulnerability in Tovy, a Roblox group staff management system. It allows any user to log in as other users, including privileged administrators and instance owners. This affects all Tovy deployments running versions before 0.7.51.

💻 Affected Systems

Products:
  • Tovy
Versions: All versions prior to 0.7.51
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: All Tovy deployments are vulnerable regardless of configuration. The vulnerability exists in the authentication mechanism itself.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain full administrative control over the Tovy instance, allowing them to modify user permissions, access sensitive staff data, and potentially compromise associated Roblox groups.

🟠

Likely Case

Unauthorized users impersonate administrators to modify staff permissions, access confidential information, or disrupt group management operations.

🟢

If Mitigated

With proper network segmentation and access controls, impact is limited to the Tovy application itself, though credential theft and privilege escalation remain possible.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability allows authentication bypass without credentials. While no public exploit code exists, the advisory provides technical details that could facilitate exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.7.51

Vendor Advisory: https://github.com/tovyblox/tovy/security/advisories/GHSA-j6f8-wh4v-jc37

Restart Required: Yes

Instructions:

1. Stop the Tovy service.
2. Update to version 0.7.51 or later using your deployment method (npm update, Docker pull, etc.).
3. Restart the Tovy service.
4. Verify the update was successful.

🧯 If You Can't Patch

  • Isolate the Tovy instance behind a firewall with strict access controls.
  • Implement network monitoring for unusual authentication patterns and privilege escalation attempts.

🔍 How to Verify

Check if Vulnerable:

Check the Tovy package.json file or application version endpoint for version number. If version is below 0.7.51, the system is vulnerable.

Check Version:

Check package.json: grep '"version"' package.json or access the application's version endpoint if available.

Verify Fix Applied:

After updating, verify the version is 0.7.51 or higher and test authentication functionality with normal user accounts.
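The version check above is easy to get wrong with a plain string comparison ("0.7.9" sorts after "0.7.51" lexically but is older). The following Node script is an added example, not Tovy project code: it parses the version field of a package.json and compares it numerically against the 0.7.51 fix release. The sample package.json contents are constructed for illustration.

```javascript
// Added example (not part of Tovy): decide whether a Tovy package.json version
// is below the fixed release 0.7.51 from the advisory.
const FIXED_VERSION = "0.7.51";

// Parse "v0.7.51-beta.1" -> [0, 7, 51]; pre-release/build tags are ignored for this check.
function parseVersion(v) {
  const core = String(v).trim().replace(/^v/, "").split(/[-+]/)[0];
  const parts = core.split(".").map((p) => parseInt(p, 10));
  if (parts.length === 0 || parts.some(Number.isNaN)) {
    throw new Error(`unparseable version: ${v}`);
  }
  return parts;
}

// Numeric component-wise comparison: -1 if a < b, 0 if equal, 1 if a > b.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  const n = Math.max(pa.length, pb.length);
  for (let i = 0; i < n; i++) {
    const x = pa[i] ?? 0;
    const y = pb[i] ?? 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// Vulnerable means strictly older than the fixed version.
function isVulnerable(version) {
  return compareVersions(version, FIXED_VERSION) < 0;
}

// Read the "version" field from package.json text and assess it.
function assessPackageJson(text) {
  const pkg = JSON.parse(text);
  if (typeof pkg.version !== "string") {
    throw new Error("package.json has no string version field");
  }
  return { version: pkg.version, vulnerable: isVulnerable(pkg.version) };
}

// Constructed sample package.json contents (not from the Tovy repository).
const SAMPLE_VULNERABLE = JSON.stringify({ name: "tovy", version: "0.7.50" });
const SAMPLE_FIXED = JSON.stringify({ name: "tovy", version: "0.7.51" });

// Usage: node check-tovy-version.js /path/to/tovy/package.json
if (typeof require !== "undefined" && require.main === module && process.argv.length > 2) {
  const fs = require("fs");
  const result = assessPackageJson(fs.readFileSync(process.argv[2], "utf8"));
  console.log(
    `Tovy ${result.version}: ${result.vulnerable ? "VULNERABLE, update to 0.7.51 or later" : "patched"}`
  );
}
```

Run it against the package.json of the deployed instance (not a stale checkout), and treat an unparseable or missing version field as unverified rather than as patched.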

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts followed by a successful login from the same IP
  • User accounts logging in from unusual IP addresses
  • Administrative actions performed by non-admin users

Network Indicators:

  • Unusual authentication request patterns to Tovy endpoints
  • Traffic spikes to administrative endpoints

SIEM Query:

source="tovy.logs" AND (event="login" AND result="success" AND user="admin" AND src_ip NOT IN [admin_ips])
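The three log indicators and the SIEM query above can be expressed as plain detection logic where no SIEM is available. The Node script below is an added example, not Tovy code; the JSON log lines and field names (event, result, user, role, src_ip, action) are constructed, and the admin IP allowlist and privileged account names are assumptions to be replaced with your own values. Map real Tovy or reverse-proxy log fields onto these names before use.

```javascript
// Added example (not part of Tovy): run the advisory's detection ideas over log lines.
// Assumed environment-specific values; replace with your own.
const ADMIN_IPS = new Set(["10.0.0.5"]);               // known admin source addresses
const PRIVILEGED_USERS = new Set(["admin", "owner"]);  // accounts with owner/admin role
const ADMIN_ACTIONS = new Set(["set_permission", "delete_user"]); // hypothetical action names

// Constructed sample log lines in a hypothetical JSON-per-line format.
const SAMPLE_LOGS = [
  '{"ts":"2022-07-20T10:00:01Z","event":"login","result":"success","user":"admin","src_ip":"10.0.0.5"}',
  '{"ts":"2022-07-20T10:05:12Z","event":"login","result":"failure","user":"admin","src_ip":"203.0.113.7"}',
  '{"ts":"2022-07-20T10:05:14Z","event":"login","result":"success","user":"admin","src_ip":"203.0.113.7"}',
  '{"ts":"2022-07-20T10:06:00Z","event":"action","action":"set_permission","user":"staffuser","role":"staff","src_ip":"203.0.113.7"}',
  "not json at all",
].join("\n");

// Parse one JSON object per line; unparseable lines are skipped, not fatal.
function parseLogs(text) {
  const records = [];
  for (const line of text.split("\n")) {
    if (!line.trim()) continue;
    try {
      records.push(JSON.parse(line));
    } catch (e) {
      // malformed line: ignore
    }
  }
  return records;
}

// Equivalent of the SIEM query: successful login to a privileged account from an IP not on the allowlist.
function detectPrivilegedLoginFromUnknownIp(records, adminIps = ADMIN_IPS) {
  return records.filter(
    (r) => r.event === "login" && r.result === "success" &&
      PRIVILEGED_USERS.has(r.user) && !adminIps.has(r.src_ip)
  );
}

// "Administrative actions performed by non-admin users".
function detectAdminActionByNonAdmin(records) {
  return records.filter(
    (r) => r.event === "action" && ADMIN_ACTIONS.has(r.action) &&
      r.role !== "admin" && r.role !== "owner"
  );
}

// "Failed login attempts followed by a successful login from the same IP" within a time window.
function detectFailThenSuccess(records, windowMs = 5 * 60 * 1000) {
  const lastFailure = new Map(); // src_ip -> timestamp of most recent failure
  const hits = [];
  for (const r of records) {
    if (r.event !== "login") continue;
    const t = Date.parse(r.ts);
    if (r.result === "failure") {
      lastFailure.set(r.src_ip, t);
    } else if (r.result === "success") {
      const f = lastFailure.get(r.src_ip);
      if (f !== undefined && t - f <= windowMs) hits.push(r);
    }
  }
  return hits;
}

// Run all three detections and return the matching records per rule.
function runDetections(text) {
  const records = parseLogs(text);
  return {
    privilegedLoginUnknownIp: detectPrivilegedLoginFromUnknownIp(records),
    adminActionByNonAdmin: detectAdminActionByNonAdmin(records),
    failThenSuccess: detectFailThenSuccess(records),
  };
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(runDetections(SAMPLE_LOGS), null, 2));
}
```

Because the bypass needs no valid credentials, the failure-then-success rule alone will miss a clean exploit; the privileged-login-from-unknown-IP and admin-action-by-non-admin rules are the ones that catch impersonation directly.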

🔗 References