Lucene search
K

5 matches found

Cvelist
Cvelist
added 2025/02/06 5:32 p.m.62 views

CVE-2025-23217 Mitmweb API Authentication Bypass Using Proxy Server

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...

8.2CVSS0.00817EPSS
Exploits0References3
Prion
Prion
added 2022/03/21 7:15 p.m.14 views

Design/Logic Flaw

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

7.5CVSS9.3AI score0.01582EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/03/21 6:50 p.m.6 views

CVE-2022-24766 Insufficient Protection against HTTP Request Smuggling in mitmproxy

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

9.8CVSS9.4AI score0.01582EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/03/21 6:50 p.m.55 views

CVE-2022-24766 Insufficient Protection against HTTP Request Smuggling in mitmproxy

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

9.8CVSS9.6AI score0.01582EPSS
Exploits0References3
Prion
Prion
added 2021/09/16 3:15 p.m.19 views

Design/Logic Flaw

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

7.5CVSS9.3AI score0.01093EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder