What this actually is.
Technical background, root cause, and affected surface.
The DHCAST128 UAM (User Authentication Module) in Netatalk uses a broken cryptographic algorithm that is susceptible to cryptanalytic attacks. An attacker intercepting AFP authentication exchanges can recover user credentials offline.
- Vendor
- Netatalk
- Product
- Netatalk
- Severity
- High
- CVSS Score
- 7.4
- Status
- Published
- CWE
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
From one request
to root shell.
Reproduced in a sandboxed environment. Requires only LAN or WiFi adjacency.
The bug, and the fix.
etc/uams/uams_dhcast128.c: DHCAST128 authentication handshake uses cryptographically weak algorithm for key exchange and credential protection
Root cause: DHCAST128 relies on a deprecated, cryptographically weak algorithm that does not provide adequate protection against modern cryptanalytic techniques
When does this fire?
All conditions must be true for the exploit to succeed.
AFP client authenticates using DHCAST128 UAM; attacker captures the authentication exchange via network sniffing
What an attacker does to you.
Post-exploitation outcomes mapped to CVSS impact metrics.
Recovery of AFP user credentials via offline cryptanalysis; authentication impersonation
Fix it. In this order.
A runbook, not a checklist. Sequence matters — assume compromise before you act.
Upgrade to Netatalk 4.4.3 and disable DHCAST128 UAM. Use DHX2 (Diffie-Hellman Exchange 2) which uses cryptographically sound algorithms.
disclose@securin.ioVendors moved in days.
Attackers in hours.
Reconstructed from vendor advisories, CISA bulletins, and Securin research records.
2026-05-13: Netatalk 4.4.3 patch released | 2026-05-21: CVE published to MITRE
Timeline recorded · Disclosure coordinated by Securin
Cite, verify, go deeper.
Primary sources — NVD, CISA KEV, and machine-readable IoC feed.