{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/aws-metadata/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Axios"],"_cs_severities":["critical"],"_cs_tags":["crlf-injection","prototype-pollution","aws-metadata","ssrf"],"_cs_type":"advisory","_cs_vendors":["Axios"],"content_html":"\u003cp\u003eThe Axios library, a popular HTTP client, is vulnerable to a critical header injection vulnerability (CVE-2026-40175) affecting all versions (v0.x - v1.x) through \u0026lt; 1.15.0. This vulnerability, located in \u003ccode\u003elib/adapters/http.js\u003c/code\u003e, arises from a lack of HTTP header sanitization, specifically related to CRLF characters. Exploitation leverages a \u0026quot;gadget\u0026quot; attack chain, where prototype pollution in any third-party dependency can be exploited to bypass AWS IMDSv2 and achieve remote code execution or full cloud compromise. The vulnerability requires zero direct user input, making it particularly insidious. An attacker can pollute \u003ccode\u003eObject.prototype\u003c/code\u003e through other vulnerable libraries in the stack (e.g., \u003ccode\u003eqs\u003c/code\u003e, \u003ccode\u003eminimist\u003c/code\u003e, \u003ccode\u003eini\u003c/code\u003e, \u003ccode\u003ebody-parser\u003c/code\u003e), and Axios will inadvertently incorporate the polluted properties during its configuration merge, leading to request smuggling.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a separate dependency with a prototype pollution vulnerability (e.g., via vulnerable query string parsing).\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a request that pollutes \u003ccode\u003eObject.prototype\u003c/code\u003e with a malicious header value containing CRLF characters. For example: \u003ccode\u003eObject.prototype['x-amz-target'] = \u0026quot;dummy\\r\\n\\r\\nPUT /latest/api/token HTTP/1.1\\r\\nHost: 169.254.169.254\\r\\nX-aws-ec2-metadata-token-ttl-seconds: 21600\\r\\n\\r\\nGET /ignore\u0026quot;;\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe application makes a seemingly benign HTTP request using Axios, such as \u003ccode\u003eaxios.get('https://analytics.internal/pings')\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAxios merges the polluted \u003ccode\u003ex-amz-target\u003c/code\u003e property into the request headers without proper sanitization.\u003c/li\u003e\n\u003cli\u003eAxios writes the unsanitized header value directly to the socket, resulting in a smuggled HTTP request.\u003c/li\u003e\n\u003cli\u003eThe smuggled request targets the AWS Metadata Service (169.254.169.254) to obtain an IMDSv2 session token. The attacker includes the necessary \u003ccode\u003eX-aws-ec2-metadata-token-ttl-seconds\u003c/code\u003e header, bypassing typical SSRF protections.\u003c/li\u003e\n\u003cli\u003eThe Metadata Service returns a session token to the attacker.\u003c/li\u003e\n\u003cli\u003eUsing the stolen session token, the attacker can then steal IAM credentials associated with the instance, leading to full cloud account compromise.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows attackers to bypass AWS IMDSv2 session tokens, a key security control designed to prevent SSRF attacks. This can lead to the theft of AWS IAM credentials and complete compromise of the cloud environment. The vulnerability can also be leveraged for authentication bypass by injecting malicious headers like \u003ccode\u003eCookie\u003c/code\u003e or \u003ccode\u003eAuthorization\u003c/code\u003e, allowing attackers to pivot into internal administrative panels. Cache poisoning attacks are also possible via \u003ccode\u003eHost\u003c/code\u003e header injection.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the patch suggested in the advisory to \u003ccode\u003elib/adapters/http.js\u003c/code\u003e (and \u003ccode\u003exhr.js\u003c/code\u003e), which validates header values for CRLF characters, preventing request smuggling.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026quot;Detect Suspicious AWS Metadata Service Access via Header Injection\u0026quot; to your SIEM, tuning it for your environment.\u003c/li\u003e\n\u003cli\u003eMonitor network connections to the AWS Metadata Service IP (169.254.169.254), especially from unusual processes.\u003c/li\u003e\n\u003cli\u003eReview third-party dependencies for known prototype pollution vulnerabilities to prevent the initial pollution that triggers the Axios gadget.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-24T12:00:00Z","date_published":"2024-01-24T12:00:00Z","id":"https://feed.craftedsignal.io/briefs/2024-01-24-axios-header-injection/","summary":"The Axios library is vulnerable to a header injection chain that allows prototype pollution in a third-party dependency to be escalated into remote code execution or full cloud compromise via AWS IMDSv2 bypass by polluting Object.prototype with CRLF characters to smuggle requests to the AWS Metadata Service.","title":"Axios Library Vulnerable to Cloud Metadata Exfiltration via Header Injection","url":"https://feed.craftedsignal.io/briefs/2024-01-24-axios-header-injection/"}],"language":"en","title":"CraftedSignal Threat Feed - Aws-Metadata","version":"https://jsonfeed.org/version/1.1"}