Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
3DescriptionCVE.org
Cyberduck and Mountain Duck improper handle TLS certificate pinning for untrusted certificates (e.g., self-signed), since the certificate fingerprint is stored as SHA-1, although SHA-1 is considered weak.
This issue affects Cyberduck: through 9.1.6; Mountain Duck: through 4.17.5.
AnalysisAI
Cyberduck and Mountain Duck improperly implement TLS certificate pinning by storing certificate fingerprints using the cryptographically weak SHA-1 algorithm instead of modern alternatives like SHA-256. This allows attackers to potentially forge or spoof self-signed certificates and perform man-in-the-middle (MITM) attacks against users of affected versions. The vulnerability affects Cyberduck through version 9.1.6 and Mountain Duck through version 4.17.5; while no public POC or active KEV exploitation is currently documented, the CVSS 7.4 rating reflects high confidentiality and integrity impact.
Technical ContextAI
Certificate pinning is a security mechanism that binds a specific certificate (or its public key) to a domain to prevent MITM attacks, especially against self-signed or enterprise certificates. This vulnerability (CWE-328: Use of Insufficiently Random Values) represents a weak cryptographic implementation where fingerprints are computed using SHA-1, which has known collision vulnerabilities since 2017 (SHAttered attack). SHA-1's cryptographic weakness allows adversaries with sufficient computational resources to generate collision attacks or forge certificates with matching SHA-1 fingerprints. Cyberduck (CPE: cpe:2.3:a:cyberduck:cyberduck) and Mountain Duck (CPE: cpe:2.3:a:cyberduck:mountain_duck) are file transfer clients that support SFTP, FTP, and cloud storage protocols, where certificate pinning should protect against credential theft and session hijacking. The root cause is the selection of SHA-1 as the pinning hash algorithm rather than SHA-256 or stronger alternatives.
RemediationAI
- action: Update Cyberduck; details: Upgrade to version 9.1.7 or later. Patched versions replace SHA-1 fingerprint storage with SHA-256.
- action: Update Mountain Duck; details: Upgrade to version 4.17.6 or later.
- action: Interim Mitigation; details: If immediate patching is not possible, users should avoid relying on certificate pinning for self-signed certificates and instead implement additional authentication mechanisms (e.g., key-based authentication with passphrases). Restrict network access to trusted networks only.
- action: Certificate Management; details: For enterprise deployments, migrate self-signed certificates to properly issued certificates from trusted CAs, reducing reliance on certificate pinning.
Same weakness CWE-328 – Use of Weak Hash
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-19095