
CWE-441 Unintended Proxy or Intermediary ('Confused Deputy') vulnerability list (32)

Summary of the 32 CVE vulnerabilities associated with the CWE-441 Unintended Proxy or Intermediary ('Confused Deputy') weakness class, with AI-generated Chinese analysis.

CWE-441 is an identity-confusion weakness: a system that forwards a request fails to preserve the information about the request's original source, so the system itself appears to be the originator. Attackers commonly exploit this flaw to perform privileged operations indirectly through the intermediary system and thereby bypass access control. Developers should avoid the problem by strictly validating and propagating the original identity in any communication across a trust boundary and by applying the principle of least privilege, so that the system cannot be misused as an uncontrolled proxy.

MITRE CWE official description
CWE: CWE-441 Unintended Proxy or Intermediary ('Confused Deputy'). The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the product's control sphere. This causes the product to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor. If an attacker cannot directly contact a target, but the product has access to the target, then the attacker can send a request to the product and have it forwarded to the target. The request would appear to come from the product's system, not the attacker's system. As a result, the attacker can bypass access controls (such as firewalls) or hide the source of malicious requests, since the requests do not come directly from the attacker. Since proxy functionality and message forwarding often serve a legitimate purpose, this issue only becomes a vulnerability when: the product runs with different privileges or on a different system, or otherwise has a different level of access than the upstream component; the attacker is prevented from making the request directly to the target; and the attacker can create a request that the proxy does not explicitly intend to forward on behalf of the requester. Such a request might point to an unexpected hostname, port number, hardware IP, or service. Alternatively, the request might be sent to an allowed service, but contain disallowed directives, commands, or resources.
Common consequences (1)
Scope: Non-Repudiation, Access Control. Impact: Gain Privileges or Assume Identity, Hide Activities, Execute Unauthorized Code or Commands.
Mitigations (2)
Phase: Architecture and Design. Enforce the use of a strong mutual authentication mechanism between the two parties.
Phase: Architecture and Design. Whenever a product is an intermediary or proxy for transactions between two other components, the proxy core should not drop the identity of the initiator of the transaction. The immutability of the identity of the initiator must be maintained and should be forwarded all the way to the target.
Code example (1)

A SoC contains a microcontroller (running ring-3 (least trusted ring) code), a Memory Mapped Input Output (MMIO) mapped IP core (containing design-house secrets), and a Direct Memory Access (DMA) controller, among several other compute elements and peripherals. The SoC implements access control…

The code in ring-3 (least trusted ring) of the microcontroller attempts to directly read the protected registers in IP core through MMIO transactions. However, this attempt is blocked due to the implemented access control. Now, the microcontroller configures the DMA core to transfer data from the protected registers to a memory region that it has access to. The DMA core, which is acting as an intermediary in this transaction, does not
Bad · Other

The DMA core forwards this transaction with the identity of the code executing on the microcontroller, which is the original initiator of the end-to-end transaction. Now the transaction is blocked, as a result of forwarding the identity of the true initiator which lacks the permission to access the confidential MMIO mapped IP core.
Good · Other
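To make the Bad/Good pair above concrete, the following is an added toy model in Python; it is a constructed example, not MITRE's code and not any vendor's SoC logic. The access-control list, the principal names (`ring3_code`, `dma_core`), the region names and the class names are all assumptions made for this example. The access controller decides purely on the identity presented with a transaction, a naive DMA engine presents its own identity (the confused deputy), and the identity-preserving engine forwards the original initiator, which is what the mitigation above asks for.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# Constructed access-control list for the toy SoC: principal -> MMIO regions it may read.
# The principal and region names are assumptions made for this example.
ACL: Dict[str, Set[str]] = {
    "dma_core": {"secret_ip_core", "dram"},   # the DMA engine is trusted to reach everything
    "ring3_code": {"dram"},                   # least-trusted code may only touch its own memory
}


@dataclass
class Transaction:
    region: str                    # MMIO region being read
    initiator: str                 # identity presented to the access controller
    origin: Optional[str] = None   # original requester, when an intermediary preserves it


class AccessController:
    """Models the access control in front of the protected IP core.

    It decides purely on the identity presented with the transaction, which is
    exactly why an intermediary that swaps in its own identity defeats it.
    """

    def __init__(self, acl: Dict[str, Set[str]]) -> None:
        self.acl = acl
        self.log: List[Transaction] = []   # audit trail: which identity each access carried

    def allow(self, txn: Transaction) -> bool:
        self.log.append(txn)
        return txn.region in self.acl.get(txn.initiator, set())


class NaiveDma:
    """Bad: performs the transfer under its own identity, discarding the requester's."""

    def __init__(self, ac: AccessController) -> None:
        self.ac = ac

    def transfer(self, requester: str, src: str) -> bool:
        txn = Transaction(region=src, initiator="dma_core")   # requester's identity dropped
        return self.ac.allow(txn)


class IdentityPreservingDma(NaiveDma):
    """Good: forwards the transfer tagged with the original initiator's identity."""

    def transfer(self, requester: str, src: str) -> bool:
        txn = Transaction(region=src, initiator=requester, origin=requester)
        return self.ac.allow(txn)


def direct_read(requester: str, region: str) -> bool:
    """The requester tries to read the region itself, with no intermediary."""
    return AccessController(ACL).allow(Transaction(region=region, initiator=requester))


def read_via_dma(dma_cls, requester: str = "ring3_code", region: str = "secret_ip_core") -> bool:
    """The requester asks a DMA engine of the given class to copy the region for it."""
    return dma_cls(AccessController(ACL)).transfer(requester, region)


if __name__ == "__main__":
    print("direct read by ring-3:         ", direct_read("ring3_code", "secret_ip_core"))  # False
    print("via naive DMA (confused deputy):", read_via_dma(NaiveDma))                     # True
    print("via identity-preserving DMA:   ", read_via_dma(IdentityPreservingDma))         # False
```

The `log` kept by the controller is the detection angle: with the naive engine every forwarded access is recorded as `dma_core`, so the audit trail cannot tell legitimate DMA traffic from a ring-3 request routed through it; with the identity-preserving engine the trail carries the true initiator, and the same ACL that blocks the direct read now blocks the indirect one as well.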
| CVE ID | Title | Product | CVSS | Risk level | Published |
|---|---|---|---|---|---|
| CVE-2026-41365 | OpenClaw security vulnerability | OpenClaw | 5.4 | Medium | 2026-04-27 |
| CVE-2026-6993 | kratos security vulnerability | kratos | 5.3 | Medium | 2026-04-25 |
| CVE-2026-39906 | Unisys WebPerfect Image Suite security vulnerability | WebPerfect Image Suite | 9.8 | - | 2026-04-14 |
| CVE-2025-62718 | Axios security vulnerability | axios | 7.4 (AI) | High (AI) | 2026-04-09 |
| CVE-2026-27124 | FastMCP security vulnerability | fastmcp | 9.1 (AI) | Critical (AI) | 2026-04-03 |
| CVE-2026-33768 | Astro security vulnerability | astro | 6.5 | Medium | 2026-03-24 |
| CVE-2026-30225 | OliveTin security vulnerability | OliveTin | 5.3 | Medium | 2026-03-06 |
| CVE-2023-31313 | AMD Instinct MI210 and AMD Instinct MI250 security vulnerability | AMD Instinct™ MI210 | 7.2 | High | 2026-02-12 |
| CVE-2026-24471 | continuwuity security vulnerability | continuwuity | 7.1 (AI) | High (AI) | 2026-02-02 |
| CVE-2026-24470 | Skipper code issue vulnerability | skipper | 8.1 | High | 2026-01-26 |
| CVE-2025-64125 | Nuvation Energy nCloud VPN security vulnerability | nCloud VPN Service | 10.0 | - | 2026-01-03 |
| CVE-2025-64123 | Nuvation Energy Multi-Stack Controller security vulnerability | Multi-Stack Controller (MSC) | 8.6 | - | 2026-01-02 |
| CVE-2025-68944 | Gitea security vulnerability | Gitea | 5.0 | Medium | 2025-12-26 |
| CVE-2025-11393 | Red Hat Runtimes Inventory Operator security vulnerability | Red Hat Lightspeed (formerly Insights) for Runtimes 1 | 8.7 | High | 2025-12-15 |
| CVE-2025-66415 | Fastify security vulnerability | fastify-reply-from | 6.5 (AI) | Medium (AI) | 2025-12-01 |
| CVE-2025-48710 | kro (Kube Resource Orchestrator) security vulnerability | kro | 4.1 | Medium | 2025-06-04 |
| CVE-2025-47269 | Coder Code-Server security vulnerability | code-server | 8.3 | High | 2025-05-09 |
| CVE-2025-25061 | JTEKT ELECTRONICS HMI ViewJet C-more security vulnerability | HMI ViewJet C-more series | 8.2 (AI) | High (AI) | 2025-04-04 |
| CVE-2024-9870 | GitLab Enterprise Edition security vulnerability | GitLab | 4.3 | Medium | 2025-02-12 |
| CVE-2023-33188 | Omni-Notes security vulnerability | Omni-Notes | 6.3 | Medium | 2023-05-27 |
| CVE-2022-39349 | tasks security vulnerability | tasks | 5.5 | Medium | 2022-10-25 |
| CVE-2015-10003 | FileZilla security vulnerability | Server | 4.3 | Medium | 2022-07-17 |
| CVE-2021-20042 | SonicWall SMA100 security vulnerability | SonicWall SMA100 | 9.3 | - | 2021-12-08 |
| CVE-2021-25740 | Red Hat OpenShift Container Platform security vulnerability | Kubernetes | 3.1 | Low | 2021-09-20 |
| CVE-2020-8561 | Red Hat OpenShift security vulnerability | Kubernetes | 4.1 | Medium | 2021-09-20 |
| CVE-2021-32783 | Contour security vulnerability | contour | 8.5 | High | 2021-07-23 |
| CVE-2021-32773 | Racket security vulnerability | racket | 6.1 | Medium | 2021-07-19 |
| CVE-2020-26262 | CoTURN authorization issue vulnerability | coturn | 7.2 | High | 2021-01-13 |
| CVE-2020-5412 | VMware Spring Cloud Netflix security vulnerability | Spring Cloud Netflix | 6.5 | - | 2020-08-07 |
| CVE-2019-3996 | ELOG security vulnerability | ELOG | 5.3 | - | 2019-12-17 |

("(AI)" marks a CVSS score or risk level that the platform assessed automatically rather than took from the official record.)

CWE-441 (Unintended Proxy or Intermediary ('Confused Deputy')) is a common weakness category; this platform has collected 32 CVE vulnerabilities associated with it.