Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-441 (未有动机的代理或中间人(混淆代理)) — Vulnerability Class 33

33 vulnerabilities classified as CWE-441 (未有动机的代理或中间人(混淆代理)). AI Chinese analysis included.

CWE-441 represents a design flaw where a system acts as an unintended intermediary, failing to preserve the original requestor’s identity when forwarding messages to external actors. This weakness allows attackers to exploit the system by manipulating upstream components to issue malicious requests that appear to originate from the trusted application itself. Consequently, the vulnerable software performs actions on behalf of the attacker, potentially bypassing access controls or triggering unintended side effects within protected resources. To mitigate this risk, developers must implement robust identity preservation mechanisms, such as cryptographic signing or secure token passing, ensuring that the true source of every request is explicitly validated and maintained throughout the communication chain. By strictly enforcing source authentication and avoiding blind forwarding, organizations can prevent their systems from being coerced into acting as confused deputies for unauthorized operations.

MITRE CWE Description
The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the product's control sphere. This causes the product to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor. If an attacker cannot directly contact a target, but the product has access to the target, then the attacker can send a request to the product and have it be forwarded to the target. The request would appear to be coming from the product's system, not the attacker's system. As a result, the attacker can bypass access controls (such as firewalls) or hide the source of malicious requests, since the requests would not be coming directly from the attacker. Since proxy functionality and message-forwarding often serve a legitimate purpose, this issue only becomes a vulnerability when: The product runs with different privileges or on a different system, or otherwise has different levels of access than the upstream component; The attacker is prevented from making the request directly to the target; and The attacker can create a request that the proxy does not explicitly intend to be forwarded on the behalf of the requester. Such a request might point to an unexpected hostname, port number, hardware IP, or service. Or, the request might be sent to an allo…
Common Consequences (1)
Non-Repudiation, Access ControlGain Privileges or Assume Identity, Hide Activities, Execute Unauthorized Code or Commands
Mitigations (2)
Architecture and DesignEnforce the use of strong mutual authentication mechanism between the two parties.
Architecture and DesignWhenever a product is an intermediary or proxy for transactions between two other components, the proxy core should not drop the identity of the initiator of the transaction. The immutability of the identity of the initiator must be maintained and should be forwarded all the way to the target.
Examples (1)
A SoC contains a microcontroller (running ring-3 (least trusted ring) code), a Memory Mapped Input Output (MMIO) mapped IP core (containing design-house secrets), and a Direct Memory Access (DMA) controller, among several other compute elements and peripherals. The SoC implements access control…
The code in ring-3 (least trusted ring) of the
                     microcontroller attempts to directly read the protected
                     registers in IP core through MMIO transactions. However,
                     this attempt is blocked due to the implemented access
                     control. Now, the microcontroller configures the DMA core
                     to transfer data from the protected registers to a memory
                     region that it has access to. The DMA core, which is
                     acting as an intermediary in this transaction, does not
Bad · Other
The DMA
                     core forwards this transaction with the identity of the
                     code executing on the microcontroller, which is the
                     original initiator of the end-to-end transaction. Now the
                     transaction is blocked, as a result of forwarding the
                     identity of the true initiator which lacks the permission
                     to access the confidential MMIO mapped IP core.
Good · Other
CVE IDTitleCVSSSeverityPublished
CVE-2026-45182 GrapheneOS 20260504前IP泄露漏洞 — GrapheneOS 2.2 Low2026-05-09
CVE-2026-41365 OpenClaw < 2026.3.31 - Sender Allowlist Bypass via Graph API Thread History — OpenClaw 5.4 Medium2026-04-27
CVE-2026-6993 go-kratos http.DefaultServeMux Fallback server.go NewServer confused deputy — kratos 5.3 Medium2026-04-25
CVE-2026-39906 Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage via .NET Remoting — WebPerfect Image Suite 9.8 -2026-04-14
CVE-2025-62718 Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF — axios 7.4AIHighAI2026-04-09
CVE-2026-27124 FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities — fastmcp 9.1AICriticalAI2026-04-03
CVE-2026-33768 Astro: Unauthenticated Path Override via `x-astro-path` / `x_astro_path` — astro 6.5 Medium2026-03-24
CVE-2026-30225 OliveTin: RestartAction always runs actions as guest — OliveTin 5.3 Medium2026-03-06
CVE-2023-31313 AMD Instinct MI210和AMD Instinct MI250 安全漏洞 — AMD Instinct™ MI210 7.2 High2026-02-12
CVE-2026-24471 Improper Validation in Conduit-derived homeservers resulting in Unintended Proxy or Intermediary ('Confused Deputy') — continuwuity 7.1AIHighAI2026-02-02
CVE-2026-24470 Skipper Ingress Controller Allows Unauthorized Access to Internal Services via ExternalName — skipper 8.1 High2026-01-26
CVE-2025-64125 Nuvation Energy nCloud Client-to-Client Communication — nCloud VPN Service 10.0 -2026-01-03
CVE-2025-64123 Nuvation Energy Multi-Stack Controller Proxy service allows arbitrary BMS access — Multi-Stack Controller (MSC) 8.6 -2026-01-02
CVE-2025-68944 Gitea 安全漏洞 — Gitea 5.0 Medium2025-12-26
CVE-2025-11393 Insights-runtimes-tech-preview/runtimes-inventory-rhel8-operator: improper proxy configuration allows unauthorized administrative commands — Red Hat Lightspeed (formerly Insights) for Runtimes 1 8.7 High2025-12-15
CVE-2025-66415 fastify-reply-from bypass of reply forwarding — fastify-reply-from 6.5AIMediumAI2025-12-01
CVE-2025-48710 kro(Kube Resource Orchestrator) 安全漏洞 — kro 4.1 Medium2025-06-04
CVE-2025-47269 code-server session cookie can be extracted by having user visit specially crafted proxy URL — code-server 8.3 High2025-05-09
CVE-2025-25061 JTEKT ELECTRONICS HMI ViewJet C-more 安全漏洞 — HMI ViewJet C-more series 8.2AIHighAI2025-04-04
CVE-2024-9870 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab — GitLab 4.3 Medium2025-02-12
CVE-2023-33188 Uncontrolled data used in content resolution — Omni-Notes 6.3 Medium2023-05-27
CVE-2022-39349 Tasks.org vulnerable to data exfiltration by malicous app or adb — tasks 5.5 Medium2022-10-25
CVE-2015-10003 FileZilla Server PORT confused deputy — Server 4.3 Medium2022-07-17
CVE-2021-20042 SonicWall SMA100 安全漏洞 — SonicWall SMA100 9.3 -2021-12-08
CVE-2021-25740 Holes in EndpointSlice Validation Enable Host Network Hijack — Kubernetes 3.1 Low2021-09-20
CVE-2020-8561 Webhook redirect in kube-apiserver — Kubernetes 4.1 Medium2021-09-20
CVE-2021-32783 Authorization bypass in Contour — contour 8.5 High2021-07-23
CVE-2021-32773 Confused deputy attack in sandbox module resolution — racket 6.1 Medium2021-07-19
CVE-2020-26262 Loopback bypass in Coturn — coturn 7.2 High2021-01-13
CVE-2020-5412 Hystrix Dashboard Proxy In spring-cloud-netflix-hystrix-dashboard — Spring Cloud Netflix 6.5 -2020-08-07

Vulnerabilities classified as CWE-441 (未有动机的代理或中间人(混淆代理)) represent 33 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.