CVE-2026-40606

MEDIUM

ProxyAuth Addon LDAP Injection in mitmproxy

Title source: cna

Description

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP server. This allows a malicious client to bypass authentication. Only mitmproxy instances using the proxyauth option with LDAP are affected. This option is not enabled by default. The vulnerability has been fixed in mitmproxy 12.2.2 and above.

References (1)

[X_Refsource_Confirm] https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-527g-3w9m-29hv

Scores

CVSS v3 4.8

EPSS 0.0004

EPSS Percentile 13.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-90

Status published

Products (1)

mitmproxy/mitmproxy < 12.2.2 (2 CPE variants)

Published Apr 21, 2026

Tracked Since Apr 21, 2026