CVE-2026-25651
client-certificate-auth has an Open Redirect via Host Header Injection in HTTP-to-HTTPS redirect
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.1EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
06 feb 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
client-certificate-auth is middleware for Node.js implementing client SSL certificate authentication/authorization. Versions 0.2.1 and 0.3.0 of client-certificate-auth contain an open redirect vulnerability. The middleware unconditionally redirects HTTP requests to HTTPS using the unvalidated Host header, allowing an attacker to redirect users to arbitrary domains. This vulnerability is fixed in 1.0.0.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Productos afectados
tgies · client-certificate-auth¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →