Prototype pollution risk in snaps-controllers `setState` handling: possible `__proto__` assignment
There appears to be a prototype-pollution sink in the snaps codebase: user-controlled keys may be assigned directly into objects/state without filtering or sanitization. The relevant code paths are in the SnapController and in the setState RPC handler. An attacker who controls a key such as `__proto__` can write to Object.prototype and thereby influence many objects across the runtime.
https://github.com/MetaMask/snaps/blob/5a10086bfd2050a74aeaacd28de216ff06033972/packages/snaps-controllers/src/snaps/SnapController.ts#L3983-L3987
https://github.com/MetaMask/snaps/blob/5a10086bfd2050a74aeaacd28de216ff06033972/packages/snaps-controllers/src/snaps/SnapController.ts#L3946-L3952
https://github.com/MetaMask/snaps/blob/5a10086bfd2050a74aeaacd28de216ff06033972/packages/snaps-rpc-methods/src/permitted/setState.ts#L263-L265
Prototype pollution lets an attacker add or modify properties on Object.prototype. Because almost every object inherits from Object.prototype, such properties can change application logic, enable gadget chains, or lead to client-side XSS or, in some contexts, server-side RCE. If the setState handler accepts an attacker-supplied state object and then merges/assigns it into an internal object without sanitizing keys, a `__proto__` key reaches the inherited `__proto__` setter and pollutes Object.prototype: after a payload such as `{"__proto__": {"isAdmin": true}}`, every plain object satisfies `({}).isAdmin === true`, which can be abused if later code checks `obj.isAdmin` before a privileged operation.
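The following is an added example, not code from the MetaMask snaps repository: a minimal setState-style recursive merge that is pollutable in the way described above, beside a hardened version that rejects the dangerous keys before touching the target. The names `naiveMerge`, `safeMerge`, `isPrivileged` and the demo functions are chosen for this example, and the payload is a constructed attacker input.

```javascript
// Added example (not from the MetaMask snaps code base): a pollutable
// recursive merge and a hardened one. All names here are this example's own.

// Attacker-controlled state as it would arrive over an RPC boundary.
// JSON.parse creates an OWN enumerable property literally named "__proto__"
// (unlike an object literal, where `__proto__: x` sets the prototype instead).
const POLLUTING_STATE = JSON.parse(
  '{"settings":{"theme":"dark"},"__proto__":{"isAdmin":true}}'
);
const BENIGN_STATE = JSON.parse('{"settings":{"theme":"dark"}}');

// A downstream check of the kind the report describes: any code that reads a
// property it did not set itself becomes a gadget once Object.prototype is polluted.
function isPrivileged(user) {
  return user.isAdmin === true;
}

// VULNERABLE: copies every own key of `src`, including "__proto__".
// target["__proto__"] resolves through the inherited accessor to
// Object.prototype, so the recursion writes `isAdmin` onto it.
function naiveMerge(target, src) {
  for (const key of Object.keys(src)) {
    const value = src[key];
    if (value !== null && typeof value === 'object') {
      if (target[key] === null || typeof target[key] !== 'object') {
        target[key] = {};
      }
      naiveMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Walks the whole input first so a bad key anywhere rejects the request
// atomically, before any part of it has been merged into `target`.
function assertNoForbiddenKeys(value, path = '$') {
  if (value === null || typeof value !== 'object') return;
  for (const key of Object.keys(value)) {
    if (FORBIDDEN_KEYS.has(key)) {
      throw new Error(`forbidden key ${key} at ${path}`);
    }
    assertNoForbiddenKeys(value[key], `${path}.${key}`);
  }
}

// HARDENED: validates up front, then only recurses into objects that `target`
// owns itself (hasOwnProperty), never into anything inherited.
function safeMerge(target, src) {
  assertNoForbiddenKeys(src);
  return mergeValidated(target, src);
}

function mergeValidated(target, src) {
  for (const key of Object.keys(src)) {
    const value = src[key];
    if (value !== null && typeof value === 'object' && !Array.isArray(value)) {
      const own = Object.prototype.hasOwnProperty.call(target, key) ? target[key] : undefined;
      if (own === null || typeof own !== 'object') {
        target[key] = {};
      }
      mergeValidated(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Runs the vulnerable merge, observes the effect on an unrelated object and on
// the privilege check, then removes the polluted property again.
function demoNaive() {
  const state = naiveMerge({}, POLLUTING_STATE);
  const unrelated = {}; // created after the merge and never touched
  const result = {
    themeMerged: state.settings.theme === 'dark',
    unrelatedIsAdmin: unrelated.isAdmin,          // true, inherited from Object.prototype
    guestPassesCheck: isPrivileged({ name: 'guest' }),
    ownProtoOnState: Object.prototype.hasOwnProperty.call(state, '__proto__'),
  };
  delete Object.prototype.isAdmin; // clean up so the rest of the process is unaffected
  return result;
}

// Runs the hardened merge against the same payload and against a benign one.
function demoSafe() {
  const state = {};
  let error = null;
  try {
    safeMerge(state, POLLUTING_STATE);
  } catch (e) {
    error = e.message;
  }
  const benign = safeMerge({}, BENIGN_STATE);
  return {
    rejected: error !== null,
    error,
    stateUntouched: Object.keys(state).length === 0,
    benignTheme: benign.settings.theme,
    unrelatedIsAdmin: ({}).isAdmin, // undefined
  };
}

console.log(demoNaive());
console.log(demoSafe());
```

Two details worth checking in any real handler: `Object.keys`, `for...in` and `Object.entries` all enumerate an own `"__proto__"` produced by `JSON.parse`, so iterating "only own keys" is not by itself a defence; and `constructor.prototype` is a second route to the same pollution, which is why the hardened version rejects `constructor` and `prototype` as well as `__proto__`.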