marimo is vulnerable to Unintended Proxy or Intermediary ('Confused Deputy')
69
Medium Risk
Affected versions of this package are vulnerable to unauthenticated proxying via the /mpl/<port>/<route> endpoint, which is accessible without authentication on default Marimo installations. This endpoint allows attackers to connect to arbitrary local ports and internal services, bypassing firewalls and exposing services intended to be local-only. Depending on the exposed services (e.g., CUPS, phpMyAdmin, RPCMapper), attackers may gain access to sensitive data, perform network reconnaissance, or even achieve remote code execution. Public scans revealed many internet-exposed Marimo instances, including those in sensitive cloud environments, making this a widespread and serious security risk.
You are affected if you are using a version that falls within the vulnerable range and you are exposing marimo to the public internet.
marimo is vulnerable to Unintended Proxy or Intermediary ('Confused Deputy') in versions 0.9.20 through 0.16.3.
Upgrade the marimo library to a patched version, i.e. any release later than 0.16.3. Until then, do not expose the notebook server directly to untrusted networks.
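The advisory describes the flaw in terms of the route shape only. To make the two missing checks concrete, here is an added illustration (not marimo's code, nor the patch) that models the authorization decision behind a `/mpl/<port>/<route>` proxy route: `vulnerable_decide()` reproduces the behaviour described above (any caller, any loopback port), and `hardened_decide()` requires a session secret and limits proxying to ports the kernel actually registered for figure servers. The `X-Marimo-Session` header name, the token scheme and the port registry are assumptions made for this example.

```python
# Added example, not marimo's code: a model of the authorization decision behind a
# "/mpl/<port>/<route>" proxy route. vulnerable_decide() reproduces the flaw the
# advisory describes (any caller, any local port); hardened_decide() adds the two
# checks a fix needs. The header name, token scheme and port registry are
# assumptions made for this illustration.
from dataclasses import dataclass, field
import hmac
import re
from typing import Optional
from urllib.parse import urlsplit

# Matches the proxy route shape named in the advisory: /mpl/<port>/<route>
MPL_ROUTE = re.compile(r"^/mpl/(?P<port>\d{1,5})(?P<route>/.*)?$")


@dataclass(frozen=True)
class Request:
    path: str                       # request-target as received, e.g. "/mpl/631/printers"
    headers: dict = field(default_factory=dict)


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str
    target: Optional[tuple] = None  # (host, port, route) when allowed


@dataclass
class FigureRegistry:
    """Assumed server-side state: one secret per session and the set of loopback
    ports the notebook kernel actually started for interactive figures."""
    session_token: str
    figure_ports: set = field(default_factory=set)


def _parse(req):
    """Return (port, route) if the path is an /mpl/ route with a sane port, else None."""
    m = MPL_ROUTE.match(urlsplit(req.path).path)  # drop any query string first
    if m is None:
        return None
    port = int(m["port"])
    if not 1 <= port <= 65535:
        return None
    return port, m["route"] or "/"


def vulnerable_decide(req):
    """Unauthenticated and unrestricted: the only input that matters is the URL.
    Anyone who can reach the notebook server can reach any loopback port through it."""
    parsed = _parse(req)
    if parsed is None:
        return Decision(False, "not an /mpl/ route")
    port, route = parsed
    return Decision(True, "proxied", ("127.0.0.1", port, route))


def hardened_decide(req, registry):
    """Two checks the vulnerable version lacks: the caller must present the session
    secret, and the port must be one the kernel registered for a figure server."""
    parsed = _parse(req)
    if parsed is None:
        return Decision(False, "not an /mpl/ route")
    token = req.headers.get("X-Marimo-Session", "")  # assumed header name
    # Constant-time comparison on bytes so a non-ASCII header cannot raise.
    if not hmac.compare_digest(token.encode(), registry.session_token.encode()):
        return Decision(False, "missing or invalid session token")
    port, route = parsed
    if port not in registry.figure_ports:
        return Decision(False, f"port {port} is not a registered figure server")
    return Decision(True, "proxied", ("127.0.0.1", port, route))


if __name__ == "__main__":
    registry = FigureRegistry(session_token="example-session-secret", figure_ports={40123})
    # Constructed probes: the first two are what an unauthenticated scanner would send.
    probes = [
        Request("/mpl/631/printers"),   # CUPS, one of the services the advisory names
        Request("/mpl/3306/"),          # reconnaissance against a local database port
        Request("/mpl/40123/?x=1", {"X-Marimo-Session": "example-session-secret"}),
    ]
    for p in probes:
        print(p.path, "| vulnerable:", vulnerable_decide(p).allowed,
              "| hardened:", hardened_decide(p, registry).reason)
```

Note that the port allowlist is the check that matters most: an attacker who steals a session token still cannot turn the proxy into a generic loopback forwarder if only kernel-registered figure ports are reachable.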