CWE-441
Unintended Proxy or Intermediary ('Confused Deputy')
The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the product's control sphere. This causes the product to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor.
80 vulnerabilities with CWE-441
CVE-2025-48710
MEDIUM
kro 0.1.0-0.2.1 - RCE
CVSS 4.1
CVE-2025-47269
HIGH
Code-server <4.99.4 - SSRF
CVSS 8.3
CVE-2025-25061
MEDIUM
HMI ViewJet/HMI GC-A2 - Info Disclosure
CVSS 5.8
CVE-2025-25306
CRITICAL
Misskey < 2025.2.1 - Origin Validation Error
CVSS 9.3
CVE-2025-23217
HIGH
Pypi Mitmproxy < 11.1.2 - Remote Code Execution
CVE-2024-9870
MEDIUM
Gitlab < 17.6.5 - SSRF
CVSS 4.3
CVE-2024-30128
HIGH
HCL Nomad - SSRF
CVSS 8.6
CVE-2024-31319
HIGH
Java - Info Disclosure
CVSS 7.8
CVE-2024-34068
MEDIUM
Pterodactyl Panel <1.11.2 - Auth Bypass
CVSS 6.4
CVE-2023-31313
HIGH
AMD PMFW - RCE
CVSS 7.2
CVE-2023-40111
HIGH
Android - Privilege Escalation
CVSS 7.8
CVE-2023-33188
MEDIUM
Omni-notes - Path Traversal
CVSS 6.3
CVE-2023-21082
MEDIUM
Google Android - Information Disclosure
CVSS 5.5
CVE-2022-39361
HIGH
Metabase < 0.41.9 - Remote Code Execution
CVSS 8.8
CVE-2022-39349
MEDIUM
Tasks < 12.7.1 - Exposure to Wrong Actor
CVSS 5.5
CVE-2021-20042
CRITICAL
SMA - SSRF
CVSS 9.8
CVE-2021-25740
LOW
Kubernetes - SSRF
CVSS 3.1
CVE-2021-32783
HIGH
Contour <1.17.1 - DoS
CVSS 8.5
CVE-2021-32773
MEDIUM
Racket <8.2 - Code Injection
CVSS 6.1
CVE-2020-8561
MEDIUM
Kubernetes - SSRF
CVSS 4.1
CVE-2020-26262
HIGH
Coturn <4.5.2 - Info Disclosure
CVSS 7.2
CVE-2020-5412
MEDIUM
Spring Cloud Netflix <2.2.4-2.1.6 - SSRF
CVSS 6.5
CVE-2019-3996
MEDIUM
ELOG <3.1.4-57bea22 - SSRF
CVSS 6.5
CVE-2019-1841
MEDIUM
Cisco DNA Center - Auth Bypass
CVSS 6.5
CVE-2019-3924
HIGH
MikroTik RouterOS <6.43.12-6.42.12 - RCE
CVSS 7.5