CVE-2022-24766 Information

Description

mitmproxy is an interactive SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response’s HTTP message body. While mitmproxy would only see one request the target server would see multiple requests. A smuggled request is still captured as part of another request’s body but it does not appear in the request list and does not go through the usual mitmproxy event hooks where users may have implemented custom access control checks or input sanitization. Unless mitmproxy is used to protect an HTTP/1 service no action is required. The vulnerability has been fixed in mitmproxy 8.0.0 and above. There are currently no known workarounds.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://mitmproxy.org/posts/releases/mitmproxy8/ https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-gcx2-gvj7-pxv3 https://github.com/mitmproxy/mitmproxy/commit/b06fb6d157087d526bd02e7aadbe37c56865c71b

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8