Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-57082

Gravedad CVSS v3.1:
MEDIA
Tipo:
CWE-330 Uso de valores insuficientemente aleatorios
Fecha de publicación:
30/06/2026
Última modificación:
30/06/2026

Descripción

*** Pendiente de traducción *** Net::BitTorrent versions through 2.0.1 for Perl generate the MSE Diffie-Hellman private key with a non-cryptographic PRNG.<br /> <br /> The MSE (Message Stream Encryption) handshake derives its 160-bit Diffie-Hellman private key from Perl&amp;#39;s rand(), a non-cryptographic drand48-class generator seeded once per process, in KeyExchange.pm. The shared secret and the RC4 keys derived from it (the SHA-1 of "keyA" or "keyB", the shared secret, and the infohash) therefore depend entirely on a predictable PRNG. The same handshake sends, in cleartext, random padding drawn from the same rand() sequence in _random_pad, immediately after the public key and the private-key draw.<br /> <br /> A passive observer of the handshake recovers the PRNG state from the cleartext padding, reconstructs the private key, computes the shared secret from the peer&amp;#39;s public key on the wire, derives the RC4 keys, and decrypts the connection, defeating the passive-observation obfuscation MSE provides.