### [CVE-2021-31616](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31616)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereum_extractThorchainSwapData() in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is reachable remotely over WebUSB.

### POC

#### Reference
- https://blog.inhq.net/posts/keepkey-CVE-2021-31616/

#### Github
No PoCs found on GitHub currently.