The '@' That Stole Your Shell: A Deep Dive into CVE-2025-47269
Jan 12, 2026 · 6 min read
Executive Summary (TL;DR)
code-server's local port proxy did not verify that the 'port' path parameter was actually a number. An attacker can supply a payload like 'test@evil.com' in place of a port number. The backend interpolates that value into an upstream URL, and the HTTP library's URL parser treats everything before the last '@' as user credentials and 'evil.com' as the host. code-server therefore authenticates against the attacker's server and hands over the victim's session cookie, which grants the attacker full RCE through the web terminal.
A critical input validation failure in code-server's proxy mechanism allows attackers to hijack sessions via a classic URI parsing confusion. By injecting special characters into the port parameter, attackers can redirect the internal proxy—and your session cookies—to a server they control.
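The parsing confusion described above, as an added JavaScript example that is not code-server's own code: the upstream URL shape `http://127.0.0.1:<port>/` and the function names are assumptions made for illustration. It shows what a WHATWG URL parser (Node's built-in `URL`) does with the raw path segment, and the numeric port check that rejects it before any upstream request is built.

```javascript
// Added example (not code-server's source). The upstream URL shape
// "http://127.0.0.1:<port>/" is an assumption for illustration only.

// Vulnerable pattern: the raw route parameter is interpolated into the URL.
// In the authority part, everything before the last '@' is userinfo and
// everything after it is the host, so the host is attacker-chosen.
function buildUpstreamUnchecked(rawPort, path = "/") {
  return new URL(`http://127.0.0.1:${rawPort}${path}`);
}

// Hardened pattern: accept only a decimal integer in 1..65535, else reject.
// The digits-only regex excludes '@', ':', '/', '#' and '?' outright.
function parsePort(rawPort) {
  if (!/^\d{1,5}$/.test(rawPort)) return null;
  const port = Number(rawPort);
  return port >= 1 && port <= 65535 ? port : null;
}

// Builds the upstream URL only from a validated port; null means the
// caller should answer 400 instead of proxying anything.
function buildUpstreamChecked(rawPort, path = "/") {
  const port = parsePort(rawPort);
  if (port === null) return null;
  return new URL(`http://127.0.0.1:${port}${path}`);
}

// Which host would an unchecked /proxy/<segment>/ request actually reach?
function resolvedHost(rawPort) {
  return buildUpstreamUnchecked(rawPort).hostname;
}

// Constructed sample route parameters: one legitimate, two malformed.
for (const seg of ["8080", "test@evil.com", "8080@evil.com"]) {
  const u = buildUpstreamUnchecked(seg);
  console.log(`${seg.padEnd(14)} unchecked -> host=${u.hostname} username=${u.username} password=${u.password}`);
  console.log(`${"".padEnd(14)} checked   -> ${buildUpstreamChecked(seg) ?? "rejected"}`);
}
```

Note that 'test@evil.com' never reaches the parser in the checked path: the regex fails on the first non-digit, so no URL object is ever constructed from attacker input.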
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

Affected Systems
Affected Versions Detail
| Product | Affected Versions | Fixed Version |
|---|---|---|
| code-server (Coder) | < 4.99.4 | 4.99.4 |

| Attribute | Detail |
|---|---|
| CWE ID | CWE-441 |
| CWE Name | Confused Deputy / SSRF |
| CVSS Score | 8.3 (High) |
| Attack Vector | Network |
| EPSS Score | 0.00044 |
| Exploit Status | PoC Available |
Weakness Description (CWE-441)
The software acts as a proxy or intermediary but does not sufficiently restrict the destination or the data that can be sent, allowing an attacker to use the proxy to access unauthorized resources.