Main Vulnerability Database Vulnerabilities #VU125835

LDAP injection in mitmproxy - #VU125835

Published: April 13, 2026

Vulnerability identifier: #VU125835

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: N/A

CWE-ID: CWE-90

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: mitmproxy.org

Affected software:
mitmproxy

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass authentication.

The vulnerability exists due to improper neutralization of special elements used in an LDAP query in the builtin LDAP proxy authentication when querying the LDAP server with an unsanitized username. A remote attacker can supply a crafted username to bypass authentication.

Only mitmproxy instances using the proxyauth option with LDAP are vulnerable, and this option is not enabled by default.

Remediation

Install security update from vendor's website.

Sources

https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-527g-3w9m-29hv

LDAP injection in mitmproxy - #VU125835

Detailed vulnerability description

Remediation

Sources

Please verify you're human