PT-2025-5851 · Mitmdump+3

Gronke · Published 2025-02-06 · Updated 2025-02-10 · CVE-2025-23217

CVSS v4.0: 8.2 (High)
Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
mitmweb versions 11.1.1 and below (mitmweb ships in the mitmproxy package, so mitmproxy package versions 11.1.1 and below are the affected releases)

Description
A malicious client can use mitmweb's proxy server (bound to *:8080) to reach mitmweb's internal web API (bound to 127.0.0.1:8081), potentially leading to remote code execution. Only mitmweb is affected; the mitmproxy and mitmdump tools are unaffected. Because the block_global option (enabled by default) rejects proxy connections from publicly routable IP addresses, the vulnerability is exploitable by an attacker on the same local network rather than from the internet.

Recommendations
Update to mitmproxy 11.1.2 or above, which fixes the vulnerability; this covers mitmweb, since it is part of the mitmproxy package (check the installed release with mitmweb --version). As a temporary workaround, restrict access to the internal API endpoint on 127.0.0.1:8081 so that it cannot be reached through the proxy, and restrict access to the proxy server bound to *:8080 to trusted clients only, since block_global alone does not stop a client on the same LAN.

Tags: Exploit · Fix · RCE

Weakness Enumeration
CWE-288 Authentication Bypass Using an Alternate Path or Channel

Related Identifiers

CVE-2025-23217
GHSA-WG33-5H85-7Q5P
OPENSUSE-SU-2025:14762-1

Affected Products

Debian
Mitmdump
Mitmproxy
Mitmweb