CVE-2025-70043
Improper Certificate Validation in Ayms Node-Tor Master TLS Socket
Publication date: 2026-02-23
Last updated on: 2026-02-23
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ayms | node-tor | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
AI Powered Q&A
How can this vulnerability impact me?
This vulnerability can impact you by allowing attackers to intercept and potentially alter sensitive data transmitted over the network.
Because the application does not validate TLS/SSL certificates, attackers can impersonate legitimate servers, compromising the security and integrity of communications.
Can you explain this vulnerability to me?
CVE-2025-70043 is a vulnerability in the Ayms node-Tor master version related to improper certificate validation (CWE-295). The application disables TLS/SSL certificate validation by setting the 'rejectUnauthorized' option to false in the TLS socket configuration.
This misconfiguration means that the application does not verify the authenticity of TLS/SSL certificates, which can allow attackers to perform man-in-the-middle (MITM) attacks by spoofing servers. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting the application's TLS socket configuration to check if the 'rejectUnauthorized' option is set to false, which disables proper TLS/SSL certificate validation.
On systems running the affected node-Tor application, you can search the source code or runtime configuration for the string 'rejectUnauthorized: false'.
- Use grep or similar command to find the setting in code or configuration files, for example: grep -r "rejectUnauthorized: false" /path/to/node-tor/
- Monitor network traffic for suspicious man-in-the-middle activity, such as unexpected TLS certificate changes or untrusted certificates. [1]
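The literal grep string matches only one spelling of the setting. As an added example (not code from this page or from node-Tor), the Node.js scanner below also flags quoted keys, assignments, the minified form "!1", values that need manual review, and, going beyond the page, the NODE_TLS_REJECT_UNAUTHORIZED environment variable. SAMPLE and the function names are constructed for illustration.

```javascript
// Added example: flag Node.js settings that turn TLS certificate validation off.
// Node verifies the peer certificate unless rejectUnauthorized is exactly false.
const KEY = /(['"]?)rejectUnauthorized\1\s*[:=](?!=)\s*([^,;}\s)]+)/g;
// Going beyond the page: this environment variable, set to 0, has the same effect.
const ENV = /NODE_TLS_REJECT_UNAUTHORIZED(?:['"]\])?\s*=\s*['"]?0\b/;

function classify(value) {
  if (value === 'false' || value === '!1') return 'disabled'; // !1 is minified false
  if (value === 'true' || value === '!0') return 'enabled';
  return 'review'; // variable or expression: needs a human to resolve it
}

function scanSource(source) {
  const findings = [];
  source.split(/\r?\n/).forEach((text, i) => {
    const trimmed = text.trim();
    if (/^(\/\/|\/\*|\*)/.test(trimmed)) return; // skip whole-line comments
    for (const m of text.matchAll(KEY)) {
      const status = classify(m[2]);
      if (status !== 'enabled') findings.push({ line: i + 1, status, match: m[0] });
    }
    if (ENV.test(text)) findings.push({ line: i + 1, status: 'disabled', match: trimmed });
  });
  return findings;
}

// Constructed sample input, not taken from node-Tor.
const SAMPLE = [
  "const tls = require('tls');",
  "// rejectUnauthorized: false  (old note)",
  "const a = tls.connect(443, host, { rejectUnauthorized: false });",
  "const b = tls.connect(443, host, {rejectUnauthorized:!1});",
  "const c = tls.connect(443, host, { 'rejectUnauthorized': strictTls });",
  "const d = tls.connect(443, host, { rejectUnauthorized: true });",
  "process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';",
].join('\n');

// Under CommonJS, "node scan.js <file>" scans that file; otherwise SAMPLE is scanned.
let input = SAMPLE;
if (typeof require === 'function' && process.argv[2]) {
  input = require('fs').readFileSync(process.argv[2], 'utf8');
}
for (const f of scanSource(input)) console.log(`${f.line} [${f.status}] ${f.match}`);
```

On SAMPLE the literal grep string would match only lines 2 and 3, one of which is a comment; the scanner reports lines 3, 4, 5 and 7.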
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately ensure that the TLS socket option 'rejectUnauthorized' is set to true, enabling proper certificate validation.
This change will prevent the application from accepting invalid or spoofed TLS/SSL certificates, protecting against man-in-the-middle attacks.
- Review and update the node-Tor application's configuration or source code to remove or correct any instance where 'rejectUnauthorized' is set to false.
- Restart the application after applying the configuration changes to ensure the new settings take effect.
- Consider monitoring network traffic for any signs of interception or tampering during the mitigation process. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know