Trapdoor Vulnerability in ENS Domain Ownership Transfer Fixed in New Deployment

Trapdoor Vulnerability in ENS Domain Ownership Transfer Fixed in New Deployment

CVE-2020-5232 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness. A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry.

Learn more about our User Device Pen Test.