CVE-2025-70029
Awaiting Analysis
TLS Certificate Validation Bypass in SunbirdEd-portal v

Publication date: 2026-02-11

Last updated on: 2026-04-01

Assigner: MITRE

Description
An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options.
Meta Information
Published: 2026-02-11
Last Modified: 2026-04-01
Generated: 2026-05-27
AI Q&A: 2026-02-11
EPSS Evaluated: 2026-05-25
Affected Vendors & Products
Vendor | Product | Version / Range
sunbird | sunbirded-portal | 1.13.4
CWE ID | Description
CWE-295 | The product does not validate, or incorrectly validates, a certificate.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-70029 is a vulnerability in SunbirdEd-portal version 1.13.4 where the application disables TLS/SSL certificate validation by setting the HTTP request option 'rejectUnauthorized' to false.

This improper certificate validation allows attackers, such as man-in-the-middle (MITM) attackers, to spoof servers and intercept sensitive data transmitted between the client and server. [2]


How can this vulnerability impact me?

This vulnerability can compromise the confidentiality and integrity of communications between the client and server.

Attackers exploiting this issue can intercept sensitive information by spoofing servers, potentially leading to data breaches or unauthorized access to sensitive data.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability arises because the application disables TLS/SSL certificate validation by setting the HTTP request option 'rejectUnauthorized' to false, which can be detected by inspecting the application's HTTP request configurations or network traffic for TLS/SSL validation bypass.

To detect this on your system, you can check the source code or configuration files of SunbirdEd-portal version 1.13.4 for the presence of 'rejectUnauthorized: false' in HTTP request options.

On the network level, you can monitor for suspicious man-in-the-middle (MITM) activity or untrusted TLS connections by capturing traffic with tools like Wireshark or tcpdump and analyzing for unexpected certificate errors or unencrypted data.

- Use grep or similar commands to search for 'rejectUnauthorized' in the application code: grep -r 'rejectUnauthorized' /path/to/sunbirded-portal
- Use network capture tools to monitor TLS traffic: sudo tcpdump -i any port 443 -w capture.pcap
- Analyze captured traffic with Wireshark to check for TLS certificate validation issues or unencrypted data.

[2]
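A plain grep for 'rejectUnauthorized' also matches `rejectUnauthorized: true` and commented-out lines. The Node.js scanner below is an added example, not part of the original page or of SunbirdEd-portal's code, that reports only settings which disable validation or set it from a non-literal expression. The function names, the sample source, and the `STRICT_TLS` variable are constructed for illustration.

```javascript
'use strict';
// Added example: flags where Node.js TLS certificate validation is switched off.
// Matches the option as an object key (quoted or bare) or as a property
// assignment, capturing the value; comparisons (==, ===) are not matched.
const OPTION_RE = /(['"]?)rejectUnauthorized\1\s*[:=]\s*([^=,;}\s]+)/g;

// Blank out comments so commented-out settings are not reported. Naive: it does
// not understand comment markers inside string literals, apart from "://" in URLs.
function stripComments(src) {
  return src
    .replace(/\/\*[\s\S]*?\*\//g, (m) => m.replace(/[^\n]/g, ' '))
    .replace(/(^|[^:])\/\/.*$/gm, '$1');
}

// Returns [{ line, value, severity, text }] for each risky setting found.
function findTlsBypass(src) {
  const original = src.split('\n');
  const findings = [];
  stripComments(src).split('\n').forEach((lineText, i) => {
    for (const m of lineText.matchAll(OPTION_RE)) {
      const value = m[2];
      if (value === 'true') continue; // validation explicitly enforced
      findings.push({
        line: i + 1,
        value,
        // A literal false/0 disables validation; anything else needs manual review.
        severity: /^(false|0)$/.test(value) ? 'disabled' : 'review',
        text: original[i].trim(),
      });
    }
  });
  return findings;
}

// Constructed sample source (not taken from SunbirdEd-portal).
const SAMPLE = [
  "const opts = { host: 'api.example.test', 'rejectUnauthorized': false };",
  "// rejectUnauthorized: false  (old setting, commented out)",
  "const safe = { rejectUnauthorized: true };",
  "agentOptions.rejectUnauthorized = false;",
  "const cfg = { rejectUnauthorized: process.env.STRICT_TLS === '1' };",
].join('\n');

for (const f of findTlsBypass(SAMPLE)) {
  console.log(`${f.severity}\tline ${f.line}\t${f.text}`);
}
```

Findings marked `review` are values computed at runtime, which can still resolve to false in some environments.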


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, immediately ensure that the application enforces proper TLS/SSL certificate validation by setting 'rejectUnauthorized' to true in all HTTP request options.

Review and update the application code or configuration to remove any instances where certificate validation is disabled.

If possible, upgrade to a fixed or patched version of SunbirdEd-portal that addresses this issue.

Additionally, monitor network traffic for signs of man-in-the-middle attacks and consider using network security tools to detect and block suspicious activity. [2]

