Weaknesses of type CWE-441
89 resultsCVE-2025-47269HIGHcode-server session cookie can be extracted by having user visit specially crafted proxy URLEPSS 34.3%CVE-2019-3924—MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute EPSS 15.7%CVE-2020-5412—Hystrix Dashboard Proxy In spring-cloud-netflix-hystrix-dashboardEPSS 10.2%CVE-2019-3996—ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.EPSS 5.9%CVE-2021-20042—An unauthenticated remote attacker can use SMA 100 as an unintended proxy or intermediary undetectable proxy to bypass firewall rules. This EPSS 2.7%CVE-2019-1841MEDIUMCisco DNA Center Unintended Proxy Via SWIM Import Interface VulnerabilityEPSS 2.6%CVE-2020-8561MEDIUMWebhook redirect in kube-apiserverEPSS 2.0%CVE-2021-25740LOWHoles in EndpointSlice Validation Enable Host Network HijackEPSS 1.8%CVE-2020-26262HIGHLoopback bypass in CoturnEPSS 1.3%CVE-2021-32783HIGHAuthorization bypass in ContourEPSS 1.2%CVE-2025-62718MEDIUMAxios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRFEPSS 1.1%CVE-2022-39361HIGHMetabase vulnerable to Remote Code Execution via H2EPSS 1.0%CVE-2026-23751CRITICALKofax Capture 6.0.0.0 Unauthenticated File Read/Write & SMB Coercion via .NET RemotingEPSS 0.9%CVE-2021-32773MEDIUMConfused deputy attack in sandbox module resolutionEPSS 0.9%CVE-2025-23217HIGHMitmweb API Authentication Bypass Using Proxy ServerEPSS 0.8%CVE-2026-39906HIGHUnisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage via .NET RemotingEPSS 0.7%CVE-2025-68667CRITICALConduit-derived homeservers are affected by a Confused Deputy and Improper Input Validation issueEPSS 0.5%CVE-2026-44494HIGHAxios: Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy`EPSS 0.5%CVE-2015-10003MEDIUMFileZilla Server PORT confused deputyEPSS 0.4%CVE-2026-7381CRITICALPlack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewritingEPSS 0.4%