Critical Axios library flaw: active PoC
Researchers published a public proof‑of‑concept for CVE‑2026‑40175, a critical Axios vulnerability that chains prototype pollution and SSRF to allow remote code execution and to bypass AWS IMDSv2 for credential theft. The vulnerability follows an NPM compromise and has been flagged as urgent for patching (x.com).
Axios, one of JavaScript’s most-used web request libraries, patched a critical flaw on April 10 that can turn a separate bug elsewhere into cloud credential theft or remote code execution. (github.com)

Axios is the code many Node.js apps use to fetch data from other servers. In versions before 1.15.0, GitHub’s advisory says polluted values on `Object.prototype` could be merged into Axios request headers and written to the network without carriage-return and line-feed checks. (github.com) That matters because “prototype pollution” is a bug class where attackers slip extra properties into the default object every part of a JavaScript app inherits from. GitHub said Axios could then act as a “gadget,” meaning safe-looking code such as a hardcoded `axios.get` call could carry attacker-controlled headers anyway. (github.com)

The advisory says the chain can escalate into server-side request forgery, a bug that makes a server send requests an attacker chooses, and into request smuggling, where one network request is split into two. GitHub scored the issue Critical, and the National Vulnerability Database shows a 10.0 Common Vulnerability Scoring System rating from GitHub’s CNA record. (github.com) (nist.gov)

One target in the proof-of-concept is Amazon Web Services’ Instance Metadata Service Version 2, the local address cloud servers use to fetch temporary credentials. Amazon says Instance Metadata Service Version 2 requires a session token created with a `PUT` request before metadata can be read. (docs.aws.amazon.com) GitHub’s advisory says the Axios chain can inject exactly that `PUT` request and the required `X-aws-ec2-metadata-token-ttl-seconds` header, then use the returned token to reach the credentials endpoint. The result, according to the advisory, is theft of Identity and Access Management role credentials from affected Amazon Elastic Compute Cloud instances. (github.com) (docs.aws.amazon.com)

The fix is in Axios 1.15.0. The National Vulnerability Database and GitHub both list earlier releases as affected, and the Axios release notes say the update now blocks merging the `__proto__` key inside configuration objects to stop prototype-pollution abuse. (nist.gov) (github.com)

The disclosure lands days after a separate Axios supply-chain incident. Hunt.io reported on April 1 that an attacker hijacked maintainer Jason Saayman’s npm account and pushed malicious `axios@1.14.1` and `axios@0.30.4`, which delivered platform-specific remote-access trojans in under 24 hours. (hunt.io)

Jason Saayman said in comments cited by Cybernews that exploiting the new flaw “would be quite hard” because an attacker first needs another package to pollute the prototype, and he said Node’s Hypertext Transfer Protocol implementation blocks part of the path. Even so, the United Kingdom’s National Health Service cyber team said on April 14 that a proof of concept is available and exploitation is “highly likely.” (cybernews.com) (digital.nhs.uk)

For developers, the immediate checklist is narrow: update Axios to 1.15.0 or later, review any package that can pollute JavaScript objects, and lock down cloud metadata access on existing instances. Amazon says administrators can require Instance Metadata Service Version 2 and monitor older no-token calls before tightening settings. (github.com) (docs.aws.amazon.com)
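To make the two fixes the advisory describes concrete, here is an added example (not Axios code): a naive deep merge next to one that refuses the `__proto__` key, plus a header gate that ignores inherited entries and rejects carriage returns and line feeds before anything is written to the network. The function names and the JSON input are constructed for this illustration.

```javascript
// Added example, not Axios code. naiveMerge, safeMerge, sanitizeHeaders and
// the UNTRUSTED input are this illustration's own constructions.

const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Naive recursive merge: target['__proto__'] is Object.prototype, so a
// "__proto__" key in untrusted JSON writes onto every object in the app.
function naiveMerge(target, source) {
  for (const key of Object.keys(source)) {
    const v = source[key];
    if (v !== null && typeof v === 'object') naiveMerge(target[key] ??= {}, v);
    else target[key] = v;
  }
  return target;
}

// Hardened merge: skips prototype-walking keys and builds only on own properties.
function safeMerge(target, source) {
  const result = { ...target };
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.has(key)) continue;
    const v = source[key];
    if (v !== null && typeof v === 'object') {
      const own = Object.prototype.hasOwnProperty.call(result, key) ? result[key] : {};
      result[key] = safeMerge(own, v);
    } else result[key] = v;
  }
  return result;
}

// Header gate before the socket: own keys only (inherited, possibly polluted,
// entries are dropped) and no CR/LF in a name or value (the smuggling path).
function sanitizeHeaders(headers) {
  const clean = {};
  for (const [name, value] of Object.entries(headers)) {
    const s = String(value);
    if (/[\r\n]/.test(name) || /[\r\n]/.test(s)) throw new Error(`CRLF in header ${name}`);
    clean[name] = s;
  }
  return clean;
}

// Constructed untrusted input, e.g. a JSON body merged into a request config.
const UNTRUSTED = JSON.parse('{"timeout":5,"__proto__":{"X-Injected":"a\\r\\nEvil: b"}}');

function demo() {
  const cfg = safeMerge({ headers: { Accept: 'application/json' } }, UNTRUSTED);
  return { polluted: 'X-Injected' in {}, timeout: cfg.timeout, headers: sanitizeHeaders(cfg.headers) };
}
```

Running `demo()` shows the hardened path keeps `timeout` and the legitimate header while leaving `Object.prototype` untouched; feeding the same input to `naiveMerge` is what plants the inherited header that a later header merge would pick up.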