#VU125835 LDAP injection in mitmproxy
Published: April 13, 2026
Vulnerability identifier: #VU125835
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-90
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
mitmproxy
mitmproxy
Software vendor:
mitmproxy.org
mitmproxy.org
Description
The vulnerability allows a remote attacker to bypass authentication.
The vulnerability exists due to improper neutralization of special elements used in an LDAP query in the builtin LDAP proxy authentication when querying the LDAP server with an unsanitized username. A remote attacker can supply a crafted username to bypass authentication.
Only mitmproxy instances using the proxyauth option with LDAP are vulnerable, and this option is not enabled by default.
Remediation
Install security update from vendor's website.