8 matches found
CVE-2025-23217
mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...
CVE-2025-23217
mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...
CVE-2025-23217 Mitmweb API Authentication Bypass Using Proxy Server
mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...
CVE-2025-23217
mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...
CVE-2025-23217 Mitmweb API Authentication Bypass Using Proxy Server
mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...
CVE-2025-23217
CVE-2025-23217 affects mitmweb (the web UI of mitmproxy). In versions 11.1.1 and earlier, a malicious client connected to mitmweb’s proxy server (default bind 0.0.0.0:8080) could reach mitmweb’s internal API (127.0.0.1:8081) through the proxy, enabling SSRF-style access that may lead to remote co...
CVE-2025-23217 Mitmweb API Authentication Bypass Using Proxy Server
mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...
chameli (>=0.1.12 <=0.1.16), clotho (=0.1.0) +12 more potentially affected by CVE-2025-23217 via mitmproxy (>=10.1.5 <=11.0.2)
mitmproxy PYPI version =10.1.5, =0.1.12, =0.1.0, =4.0.0, =0.34.0, =0.11.0, =1.0.0, =1.1.0, =0.1.0, =3.2.0, =0.0.1, =0.0.3 Source cves: CVE-2025-23217 Source advisory: OSV:GHSA-WG33-5H85-7Q5P...