Unrated severity · NVD Advisory · Published May 28, 2025 · Updated May 28, 2025

QUIC certificate check skip with wolfSSL

CVE-2025-4947

Description

libcurl with wolfSSL skips QUIC certificate verification when the host is specified as an IP address, allowing MITM attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

libcurl versions 8.8.0 through 8.13.0, when built with the wolfSSL TLS backend for QUIC, accidentally skip certificate verification for QUIC connections when the host in the URL is specified as an IP address. This affects the curl command line tool and any application using libcurl with this specific backend. Versions before 8.8.0 are not vulnerable to this specific flaw, but their certificate verification for QUIC was known to be nonfunctional [1].

Exploitation

An attacker with a network position allowing man-in-the-middle access can impersonate a QUIC server when the client connects using an IP address rather than a hostname. No authentication or special privileges beyond network proximity are required. The attacker can present a fake certificate that would normally be rejected, but due to the skipped verification, the connection proceeds without detection [1].

Impact

Successful exploitation allows an attacker to intercept, read, or modify QUIC traffic, leading to information disclosure and potential data tampering. The attacker gains the ability to perform man-in-the-middle attacks, undermining the confidentiality and integrity of the QUIC connection [1].

Mitigation

Upgrade to curl version 8.14.0, released on May 28, 2025, where the flaw is fixed. Alternatively, apply the provided patch (commit a85f1df4803bbd272905c9e7125). If upgrading is not possible, avoid using QUIC connections with curl built against wolfSSL. No workaround exists for affected versions when using wolfSSL with QUIC and IP address hosts [1].
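
To triage hosts against the version range and build conditions above, the following added example (not part of the advisory or of the curl project) classifies the text printed by `curl --version`. The function names, status strings and sample output are this example's own, and it assumes the usual output layout: `libcurl/<version>` and the TLS backend on the first line, and `HTTP3` on the `Features:` line.

```shell
#!/bin/sh
# Added example (not from the advisory): classify `curl --version` output
# against the affected range stated above. Status names are this example's own.

# ver_num MAJOR.MINOR.PATCH -> comparable integer (8.13.0 -> 81300)
ver_num() {
  echo "$1" | awk -F. '{ printf "%d\n", $1 * 10000 + $2 * 100 + $3 }'
}

# check_curl_build TEXT
# prints: affected | fixed | pre-8.8.0 | not-applicable | unknown
check_curl_build() {
  out=$1
  first=$(printf '%s\n' "$out" | head -n 1)
  ver=$(printf '%s\n' "$first" | sed -n 's|.*libcurl/\([0-9]*\.[0-9]*\.[0-9]*\).*|\1|p')
  [ -n "$ver" ] || { echo unknown; return 0; }
  # The flaw needs both the wolfSSL backend (first line, "wolfSSL/<ver>")
  # and QUIC support (HTTP3 on the Features line).
  printf '%s\n' "$first" | grep -qi 'wolfssl/' || { echo not-applicable; return 0; }
  printf '%s\n' "$out" | grep '^Features:' | grep -qw 'HTTP3' \
    || { echo not-applicable; return 0; }
  n=$(ver_num "$ver")
  if [ "$n" -gt "$(ver_num 8.13.0)" ]; then
    echo fixed        # 8.14.0 and later
  elif [ "$n" -lt "$(ver_num 8.8.0)" ]; then
    echo pre-8.8.0    # not this flaw; QUIC verification noted as nonfunctional
  else
    echo affected     # 8.8.0 through 8.13.0
  fi
}

# Constructed sample of `curl --version` output (not captured from a real host).
SAMPLE_AFFECTED='curl 8.13.0 (x86_64-pc-linux-gnu) libcurl/8.13.0 wolfSSL/5.7.6 ngtcp2/1.11.0 nghttp3/1.8.0
Protocols: http https
Features: alt-svc HSTS HTTP3 IPv6 SSL'

# On a real host: check_curl_build "$(curl --version)"
```

This only inspects the curl binary it is given output from; applications that bundle their own libcurl need the same check against that copy.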

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

7

References

3
