CVE-2025-29784

7.5 HIGH

📋 TL;DR

NamelessMC versions 2.1.4 and earlier do not validate the length of the 's' parameter in GET requests to the forum search. Attackers can submit excessively long search queries, causing performance degradation and potentially denial of service (DoS). This affects all NamelessMC installations running a vulnerable version.

💻 Affected Systems

Products:
  • NamelessMC
Versions: 2.1.4 and prior versions
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations with forum search functionality enabled are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete service unavailability due to resource exhaustion from repeated long queries, potentially affecting the entire web server.

🟠 Likely Case: Performance degradation and intermittent service disruption from resource-intensive search queries.

🟢 If Mitigated: Minimal impact with proper input validation and rate limiting in place.

🌐 Internet-Facing: HIGH - The vulnerability is in a public-facing web application feature.
🏢 Internal Only: LOW - The risk is primarily from external attackers targeting internet-facing instances.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only sending HTTP GET requests with long parameters to the search endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.2.0

Vendor Advisory: https://github.com/NamelessMC/Nameless/security/advisories/GHSA-4hrq-rf96-c2jm

Restart Required: No

Instructions:

1. Back up your current installation.
2. Download NamelessMC version 2.2.0 from the official repository.
3. Replace the existing files with the new version.
4. Clear any caches if applicable.

🔧 Temporary Workarounds

Web Application Firewall (WAF) Rule

all

Implement WAF rules to block or limit the length of the 's' parameter in GET requests to the forum search endpoint.

Rate Limiting

all

Implement rate limiting on the forum search endpoint to prevent repeated exploitation attempts.

🧯 If You Can't Patch

  • Disable forum search functionality if not essential
  • Place a reverse proxy in front of the application with request size limits and rate limiting

🔍 How to Verify

Check if Vulnerable:

Check if your NamelessMC version is 2.1.4 or earlier by viewing the version in the admin panel or checking the core/version.php file.

Check Version:

Check the file 'core/version.php' for the version number or view it in the admin panel under 'Configuration' > 'General Settings'.

Verify Fix Applied:

After updating to version 2.2.0, verify the version in the admin panel and test that long search queries are properly rejected or truncated.

📡 Detection & Monitoring

Log Indicators:

  • Unusually long GET requests to forum search endpoints
  • Multiple rapid requests to search endpoints
  • High resource usage from web server processes

Network Indicators:

  • HTTP GET requests with extremely long 's' parameters
  • Unusual traffic patterns to /forum/search endpoint

SIEM Query:

source="web_server_logs" AND uri_path="/forum/search" AND query_string="*s=*" AND length(query_string) > 1000
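
Where no SIEM is available, the same log indicators can be checked directly against web server access logs. The following is an added example, not code from the vendor advisory or from NamelessMC: it assumes Apache/nginx "combined" log lines, reuses the /forum/search path and the 1000-character cut-off from the query above, and uses a hypothetical burst threshold (5 searches in 10 seconds per client).

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qs

# Assumed log format: Apache/nginx "combined". Thresholds are illustrative.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
SEARCH_PATH = "/forum/search"         # endpoint named in the indicators above
MAX_QUERY_LEN = 1000                  # same cut-off as the SIEM query above
BURST_COUNT = 5                       # hypothetical: searches per client...
BURST_WINDOW = timedelta(seconds=10)  # ...within this window

def scan(lines):
    """Return (long_hits, burst_clients) for GET requests to the forum search."""
    long_hits, seen = [], defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        client, ts, method, target, _status = m.groups()
        url = urlsplit(target)
        if method != "GET" or url.path.rstrip("/") != SEARCH_PATH:
            continue
        seen[client].append(datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"))
        if len(url.query) > MAX_QUERY_LEN:
            # Record the client and the decoded length of the 's' value.
            long_hits.append((client, len(parse_qs(url.query).get("s", [""])[0])))
    bursts = set()
    for client, times in seen.items():
        times.sort()
        # Sliding window: BURST_COUNT requests inside BURST_WINDOW.
        for i in range(len(times) - BURST_COUNT + 1):
            if times[i + BURST_COUNT - 1] - times[i] <= BURST_WINDOW:
                bursts.add(client)
                break
    return long_hits, sorted(bursts)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '198.51.100.7 - - [12/Mar/2025:10:00:00 +0000] "GET /forum/search/?s=rules HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [12/Mar/2025:10:00:01 +0000] "GET /forum/search/?s=' + "A" * 4000 + ' HTTP/1.1" 200 812 "-" "curl/8.5.0"',
] + [
    '203.0.113.9 - - [12/Mar/2025:10:00:%02d +0000] "GET /forum/search/?s=x HTTP/1.1" 200 812 "-" "curl/8.5.0"' % s
    for s in range(2, 7)
]

if __name__ == "__main__":
    print(scan(SAMPLE))
```

Tune the thresholds to the site's normal search traffic before alerting on the results; the same limits can then inform the WAF and rate-limiting rules listed under the workarounds.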
