<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Aws-Metadata - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/tags/aws-metadata/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Wed, 24 Jan 2024 12:00:00 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/tags/aws-metadata/feed.xml" rel="self" type="application/rss+xml"/><item><title>Axios Library Vulnerable to Cloud Metadata Exfiltration via Header Injection</title><link>https://feed.craftedsignal.io/briefs/2024-01-24-axios-header-injection/</link><pubDate>Wed, 24 Jan 2024 12:00:00 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2024-01-24-axios-header-injection/</guid><description>The Axios library is vulnerable to a header injection chain that allows prototype pollution in a third-party dependency to be escalated into remote code execution or full cloud compromise via AWS IMDSv2 bypass by polluting Object.prototype with CRLF characters to smuggle requests to the AWS Metadata Service.</description><content:encoded><![CDATA[<p>The Axios library, a popular HTTP client, is vulnerable to a critical header injection vulnerability (CVE-2026-40175) affecting all versions (v0.x - v1.x) through &lt; 1.15.0. This vulnerability, located in <code>lib/adapters/http.js</code>, arises from a lack of HTTP header sanitization, specifically related to CRLF characters. Exploitation leverages a &quot;gadget&quot; attack chain, where prototype pollution in any third-party dependency can be exploited to bypass AWS IMDSv2 and achieve remote code execution or full cloud compromise. The vulnerability requires zero direct user input, making it particularly insidious. An attacker can pollute <code>Object.prototype</code> through other vulnerable libraries in the stack (e.g., <code>qs</code>, <code>minimist</code>, <code>ini</code>, <code>body-parser</code>), and Axios will inadvertently incorporate the polluted properties during its configuration merge, leading to request smuggling.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>Attacker identifies a separate dependency with a prototype pollution vulnerability (e.g., via vulnerable query string parsing).</li>
<li>The attacker crafts a request that pollutes <code>Object.prototype</code> with a malicious header value containing CRLF characters. For example: <code>Object.prototype['x-amz-target'] = &quot;dummy\r\n\r\nPUT /latest/api/token HTTP/1.1\r\nHost: 169.254.169.254\r\nX-aws-ec2-metadata-token-ttl-seconds: 21600\r\n\r\nGET /ignore&quot;;</code></li>
<li>The application makes a seemingly benign HTTP request using Axios, such as <code>axios.get('https://analytics.internal/pings')</code>.</li>
<li>Axios merges the polluted <code>x-amz-target</code> property into the request headers without proper sanitization.</li>
<li>Axios writes the unsanitized header value directly to the socket, resulting in a smuggled HTTP request.</li>
<li>The smuggled request targets the AWS Metadata Service (169.254.169.254) to obtain an IMDSv2 session token. The attacker includes the necessary <code>X-aws-ec2-metadata-token-ttl-seconds</code> header, bypassing typical SSRF protections.</li>
<li>The Metadata Service returns a session token to the attacker.</li>
<li>Using the stolen session token, the attacker can then steal IAM credentials associated with the instance, leading to full cloud account compromise.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of this vulnerability allows attackers to bypass AWS IMDSv2 session tokens, a key security control designed to prevent SSRF attacks. This can lead to the theft of AWS IAM credentials and complete compromise of the cloud environment. The vulnerability can also be leveraged for authentication bypass by injecting malicious headers like <code>Cookie</code> or <code>Authorization</code>, allowing attackers to pivot into internal administrative panels. Cache poisoning attacks are also possible via <code>Host</code> header injection.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Apply the patch suggested in the advisory to <code>lib/adapters/http.js</code> (and <code>xhr.js</code>), which validates header values for CRLF characters, preventing request smuggling.</li>
<li>Deploy the Sigma rule &quot;Detect Suspicious AWS Metadata Service Access via Header Injection&quot; to your SIEM, tuning it for your environment.</li>
<li>Monitor network connections to the AWS Metadata Service IP (169.254.169.254), especially from unusual processes.</li>
<li>Review third-party dependencies for known prototype pollution vulnerabilities to prevent the initial pollution that triggers the Axios gadget.</li>
</ul>
]]></content:encoded><category domain="severity">critical</category><category domain="type">advisory</category><category>crlf-injection</category><category>prototype-pollution</category><category>aws-metadata</category><category>ssrf</category></item></channel></rss>