12 matches found

NVD
added 2026/03/27 7:16 p.m. | 2 views

CVE-2025-15612

Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies o...

CVSS: 8.1 | EPSS: 0.00074
Exploits: 1 | References: 2
Vulnrichment
added 2026/03/27 6:16 p.m. | 3 views

CVE-2025-15612 Wazuh Provisioning Scripts / Build Infrastructure Improper Certificate Validation leading to MITM and RCE

Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies o...

CVSS: 6.3 | AI score: 6.5 | EPSS: 0.00074
Exploits: 1 | References: 2
ATTACKERKB
added 2026/03/27 6:16 p.m. | 3 views

CVE-2025-15612

Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies o...

CVSS: 6.3 | AI score: 6.5 | EPSS: 0.00074
Exploits: 1 | References: 3 | Affected Software: 1
CVE
added 2026/03/27 6:16 p.m. | 8 views

CVE-2025-15612

CVE-2025-15612 concerns Wazuh provisioning scripts and Dockerfiles where curl is invoked with -k/--insecure, skipping SSL/TLS certificate validation. The concrete details across connected documents show: affected component is the provisioning/build infrastructure; root cause is insecure transport...

CVSS: 8.1 | AI score: 6.5 | EPSS: 0.00074
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2026/03/27 6:16 p.m. | 21 views

CVE-2025-15612 Wazuh Provisioning Scripts / Build Infrastructure Improper Certificate Validation leading to MITM and RCE

Wazuh provisioning scripts and Dockerfiles contain an insecure transport vulnerability where curl is invoked with the -k/--insecure flag, disabling SSL/TLS certificate validation. Attackers with network access can perform man-in-the-middle attacks to intercept and modify downloaded dependencies o...

CVSS: 6.3 | EPSS: 0.00074
Exploits: 1 | References: 2
Positive Technologies
added 2025/12/04 12:0 a.m. | 3 views

PT-2026-28277

Name of the Vulnerable Software and Affected Versions: Wazuh (affected versions not specified). Description: The software contains an insecure transport issue due to the use of the -k or --insecure flag with curl, which disables SSL/TLS certificate validation. This allows attackers with network access...

CVSS: 8.1 | AI score: 6.4 | EPSS: 0.00074
Exploits: 1 | References: 7
OSV
added 2025/10/14 6:30 p.m. | 2 views

GHSA-7MVR-C777-76HP Playwright downloads and installs browsers without verifying the authenticity of the SSL certificate

Summary: Use of curl with the -k or --insecure flag in installer scripts allows attackers to deliver arbitrary executables via Man-in-the-Middle (MitM) attacks. This can lead to full system compromise, as the downloaded files are installed as privileged applications. Details: The following scripts in...

CVSS: 8.7 | AI score: 7.7 | EPSS: 0.00035
Exploits: 0 | References: 8
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2006-4487

Malware in sbrugna...

CVSS: 5 | AI score: 6.4 | EPSS: 0.00186
Exploits: 0 | References: 3
NVD
added 2025/09/23 7:15 a.m. | 5 views

CVE-2025-10548

The CleverControl employee monitoring software v11.5.1041.6 fails to validate TLS server certificates during the installation process. The installer downloads and executes external components using curl.exe --insecure, enabling a man-in-the-middle attacker to deliver malicious files that are...

CVSS: 6.5 | EPSS: 0.00511
Exploits: 0 | References: 2
Positive Technologies
added 2025/09/23 12:0 a.m. | 3 views

PT-2025-39149

Name of the Vulnerable Software and Affected Versions: CleverControl versions prior to 11.5.1041.6. Description: The software does not validate TLS server certificates during installation. The installer uses curl.exe --insecure to download and execute external components, allowing a man-in-the-middl...

CVSS: 6.5 | AI score: 7.7 | EPSS: 0.00511
Exploits: 0 | References: 9
HackerOne
added 2025/08/12 8:31 a.m. | 21 views

curl: Insecure WebSocket Usage in curl Documentation and Examples (CWE-319: Cleartext Transmission of Sensitive Information)

The curl source repository contains official documentation and example code that demonstrate WebSocket connections using the insecure ws:// protocol instead of the secure wss://. This misleading guidance may encourage developers to implement cleartext WebSocket endpoints, exposing users and...

AI score: 6.9
Exploits: 0
Cvelist
added 2006/08/31 10:0 p.m. | 14 views

CVE-2006-4499

ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack...

AI score: 6.5 | EPSS: 0.00186
Exploits: 0 | References: 2