5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-67485

CVE-2025-67485: HTTP/HTTPS Traffic Interception Bypass in mad-proxy

A vulnerability in mad-proxy versions <= 0.3 allows attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-67485

CVE-2025-67485:

5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
mad-proxy	pip	<= 0.3

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability is a bypass of the HTTP/HTTPS traffic interception in mad-proxy version 0.3 and older. The advisory mentions a patch in version 0.4, but no corresponding tag or commit could be found in the repository. The analysis is therefore based on the source code of the latest available version, which is consistent with the vulnerable version 0.3. The root cause of the vulnerability was identified in the request function within the mad_proxy/proxy_server.py file. This function is responsible for intercepting and blocking requests to certain domains. The vulnerability lies in the case-sensitive nature of the domain check: if domain in url:. An attacker can exploit this by using mixed-case characters in the domain name of the URL, which will not match the blocklist and thus bypass the filter. The vulnerable function is request as it contains this flawed logic.

Vulnerable functions

request

mad_proxy/proxy_server.py

The function `request` in `mad_proxy/proxy_server.py` is vulnerable to a bypass of the traffic interception rule. The check `if domain in url:` is case-sensitive. An attacker can send a request with a domain name using different capitalization (e.g., `EXAMPLE.COM` instead of `example.com`) to bypass the blocklist. This allows access to domains that should be blocked.

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.3

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-67485: HTTP/HTTPS Traffic Interception Bypass in mad-proxy

CVE-2025-67485:

5.3

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Technical Details

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

5.3

5.3

CVE-2025-67485: HTTP/HTTPS Traffic Interception Bypass in mad-proxy

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI