CVE-2025-49004
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-09

Last updated on: 2025-06-12

Assigner: GitHub, Inc.

Description
Caido is a web security auditing toolkit. Prior to version 0.48.0, due to the lack of protection for DNS rebinding, Caido can be loaded on an attacker-controlled domain. This allows a malicious website to hijack the authentication flow of Caido and achieve code execution. A malicious website loaded in the browser can hijack the locally running Caido instance and achieve remote command execution during the initial setup. Even if the Caido instance is already configured, an attacker can initiate the authentication flow by performing DNS rebinding. In this case, the victim needs to authorize the request on dashboard.caido.io. Users should upgrade to version 0.48.0 to receive a patch.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-09
Last Modified
2025-06-12
Generated
2026-05-07
AI Q&A
2025-06-10
EPSS Evaluated
2026-05-05
NVD
CVE-2025-49004
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-290 This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in Caido, a web security auditing toolkit, is due to a lack of protection against DNS rebinding attacks prior to version 0.48.0. An attacker can load Caido on a malicious domain and hijack its authentication flow, allowing remote code execution. This can happen during the initial setup or even after configuration if the attacker initiates the authentication flow via DNS rebinding. The victim may need to authorize requests on dashboard.caido.io. Upgrading to version 0.48.0 patches this issue.


How can this vulnerability impact me? :

This vulnerability can allow an attacker to execute remote commands on a locally running Caido instance by hijacking its authentication flow through DNS rebinding. This could lead to unauthorized access, control over the system running Caido, and potentially compromise sensitive data or system integrity.


What immediate steps should I take to mitigate this vulnerability?

Upgrade Caido to version 0.48.0 or later to receive the patch that fixes the DNS rebinding vulnerability. Until then, be cautious of attacker-controlled domains and avoid authorizing unexpected authentication requests on dashboard.caido.io.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart