undici
CVE-2026-9697
Severity: HIGH
Severity by source: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Network-reachable MITM with no auth or user interaction, but AC:H because the attacker needs both proxy-path positioning and a Mozilla-trusted cert; full read/tamper of TLS, no availability impact.
Primary rating from Vendor (openjs).
CVSS Vector (Vendor: openjs): CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Description (CVE.org)
Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI (socks5:// or socks://). The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername settings.
Applications that pin to an internal or corporate CA via requestTls.ca will, when their proxy URI is SOCKS5, get the default Mozilla CA bundle as the trust anchor instead. Any cert signed by any publicly trusted CA for the target hostname is accepted, breaking the intended pin and enabling MITM read and tamper of the HTTPS exchange.
Affected applications are those that use undici's ProxyAgent (or Socks5ProxyAgent directly) with SOCKS5 AND rely on requestTls for TLS scope restriction. The bug was introduced in undici 7.23.0 when SOCKS5 support was added.
Patches: Upgrade to undici v7.28.0 or v8.5.0.
Workarounds: No workaround is available within the SOCKS5 path. If a SOCKS5 proxy with TLS scope restriction is required and an upgrade is not yet possible, route the traffic through an HTTP-proxy ProxyAgent instead, where requestTls is honored correctly.
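As an added triage aid (example code written for this page, not undici's or vuln.today's own), the check below encodes the three conditions the description lists: an undici version in the affected ranges (7.23.0 up to but excluding 7.28.0, 8.0.0 up to but excluding 8.5.0), a socks5:// or socks:// proxy URI, and a requestTls option carrying one of the keys that gets dropped. The version bounds and key names come from this page; the sample configurations at the bottom are constructed.

```javascript
// Pre-upgrade triage for CVE-2026-9697 (added example, not undici code).
// A config is "exposed" only when all three advisory conditions hold at once.
const FIXED = { 7: [7, 28, 0], 8: [8, 5, 0] };   // first fixed release per affected major
const INTRODUCED = [7, 23, 0];                    // SOCKS5 support (and the bug) landed here
const SOCKS_SCHEMES = new Set(['socks5:', 'socks:']);
const TLS_SCOPE_KEYS = ['ca', 'cert', 'key', 'rejectUnauthorized', 'servername'];

// Parse "7.27.1" (optionally with a leading "v") into [major, minor, patch].
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(v.trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Lexicographic compare of two [major, minor, patch] triples: -1, 0 or 1.
function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

// True for 7.23.0 <= v < 7.28.0 and 8.0.0 <= v < 8.5.0; anything else is out of scope.
function isVulnerableVersion(version) {
  const v = parseVersion(version);
  const fixed = FIXED[v[0]];
  if (!fixed) return false;                 // 6.x and earlier predate SOCKS5 support
  return cmp(v, INTRODUCED) >= 0 && cmp(v, fixed) < 0;
}

// Assess one ProxyAgent configuration { undiciVersion, proxyUri, requestTls }.
// Returns which requestTls keys would be silently dropped and why a config is NOT exposed.
function assessConfig({ undiciVersion, proxyUri, requestTls }) {
  const reasons = [];
  if (!isVulnerableVersion(undiciVersion)) reasons.push('version not in affected range');
  let scheme;
  try { scheme = new URL(proxyUri).protocol; } catch { reasons.push('invalid proxy URI'); }
  if (scheme && !SOCKS_SCHEMES.has(scheme)) reasons.push('not a SOCKS5 proxy; requestTls honored');
  const scoped = TLS_SCOPE_KEYS.filter((k) => requestTls && requestTls[k] !== undefined);
  if (scoped.length === 0) reasons.push('no requestTls trust restriction to lose');
  const exposed = reasons.length === 0;
  return { exposed, droppedKeys: exposed ? scoped : [], reasons };
}

// Constructed sample configurations (hypothetical hosts, placeholder CA PEM).
const SAMPLES = [
  { name: 'pinned-over-socks5', undiciVersion: '7.27.1', proxyUri: 'socks5://egress.example:1080', requestTls: { ca: 'PLACEHOLDER-PEM' } },
  { name: 'pinned-over-http-proxy', undiciVersion: '7.27.1', proxyUri: 'http://egress.example:3128', requestTls: { ca: 'PLACEHOLDER-PEM' } },
  { name: 'patched', undiciVersion: '8.5.0', proxyUri: 'socks5://egress.example:1080', requestTls: { ca: 'PLACEHOLDER-PEM' } },
];
for (const s of SAMPLES) console.log(s.name, assessConfig(s));
```

Run it against the undici version from your lockfile and each ProxyAgent/Socks5ProxyAgent configuration; an `exposed: true` result means the listed keys are currently ignored on that path.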
Analysis (AI-generated)
TLS pinning bypass in undici 7.23.0 through 7.27.x and 8.x prior to 8.5.0 allows network-positioned attackers to perform man-in-the-middle attacks on HTTPS traffic routed through SOCKS5 proxies. The ProxyAgent silently drops the requestTls option (including ca, cert, key, rejectUnauthorized, and servername) when the proxy URI uses socks5:// or socks://, causing connections to fall back to Node.js's default Mozilla CA bundle instead of the application-configured trust anchor. …
Vulnerability Assessment (AI-generated)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires three concrete conditions to hold simultaneously: the application must instantiate undici's ProxyAgent or Socks5ProxyAgent with a proxy URI whose scheme is socks5:// or socks://; the application must rely on the requestTls option (specifically ca, cert, key, rejectUnauthorized, or servername) to constrain the TLS trust scope of the tunneled HTTPS connection; and the attacker must hold a network position between the SOCKS5 proxy and the target server plus a certificate for the target hostname chained to any CA in Node's default Mozilla bundle. … |
| Risk Assessment | The CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N vector reflects a network-reachable, unauthenticated MITM with high confidentiality and integrity impact but elevated attack complexity, which is appropriate: the attacker must already be positioned to intercept the SOCKS5-tunneled TLS session and must possess (or obtain) a certificate trusted by Mozilla's root store for the target hostname; historically this has been achievable via mis-issued or compromised public CAs, but it is non-trivial. … |
| Exploit Scenario | A defender configures a Node.js service to call an internal API over a corporate SOCKS5 egress proxy with requestTls.ca pinned to the internal root CA. An attacker positioned on the proxy-to-target network path (rogue SOCKS5 operator, compromised egress hop, or a public-CA mis-issuance combined with BGP/DNS hijack) presents a certificate signed by any Mozilla-trusted CA for the target hostname; undici silently accepts it, allowing the attacker to read and tamper with the HTTPS exchange. |
| Remediation | Vendor-released patch: upgrade undici to v7.28.0 or v8.5.0, which propagate requestTls through the SOCKS5 code path. This is the only complete fix and should be applied via the project's package manager (npm/yarn/pnpm) and to any transitive dependents that pin older undici. … |
Recommended Action (AI-generated)
Within 24 hours: Inventory all production systems using undici (versions 7.23.0-7.27.x or 8.0.0-8.4.x) with SOCKS5 proxy configurations. …