CVE-2025-23086
📋 TL;DR
This vulnerability in Brave Browser allows malicious websites to spoof trusted site origins in file upload/download dialogs when combined with open redirector vulnerabilities. Users of Brave Browser versions 1.70.x-1.73.x on desktop platforms are affected by this UI spoofing attack.
💻 Affected Systems
- Brave Browser
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Users could be tricked into downloading malicious files believing they originate from trusted sites, leading to malware installation or credential theft.
Likely Case
Users might download files from untrusted sources while believing they come from legitimate websites, potentially leading to phishing or social engineering attacks.
If Mitigated
With proper user awareness and security controls, users would verify file origins through other means before downloading.
🎯 Exploit Status
Requires the attacker to control a malicious site and to have a trusted site with an open redirector vulnerability available to chain with it.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.74.x or later
Vendor Advisory: https://hackerone.com/reports/2888770
Restart Required: Yes
Instructions:
1. Open Brave Browser
2. Click menu → About Brave
3. Browser will automatically check for and install updates
4. Restart browser when prompted
🔧 Temporary Workarounds
Disable file upload/download prompts
Configure the browser to block all file upload/download prompts
Use alternative browser
Temporarily switch to another browser until Brave is updated
🧯 If You Can't Patch
- Educate users to always verify file origins through browser address bar before downloading
- Implement network filtering to block known malicious sites and open redirectors
🔍 How to Verify
Check if Vulnerable:
Check Brave version in menu → About Brave. If version is between 1.70.0 and 1.73.x, you are vulnerable.
Check Version:
brave-browser --version
Verify Fix Applied:
After updating, verify version is 1.74.0 or higher in menu → About Brave.
📡 Detection & Monitoring
Log Indicators:
- Unusual file download patterns from trusted domains
- Multiple file prompts from same user session
Network Indicators:
- Redirect chains from trusted to untrusted domains before file downloads
SIEM Query:
source="browser_logs" AND event="file_download" AND (referrer_domain != download_domain)
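The SIEM query and the network indicator above can be applied offline to exported download logs. The script below is an added example, not part of the advisory or of Brave; the JSON log format, field names (referrer, url, chain) and the sample events are constructed for illustration.

```python
# Added example (not from the advisory): flag download events whose origin
# differs from the page that initiated them, the pattern the SIEM query above
# describes, and escalate when the redirect chain went trusted -> untrusted.
# Log format and field names are constructed for this example.
import json
from urllib.parse import urlparse

# Constructed sample events: one legitimate same-origin download, one where a
# trusted referrer's open redirector bounced to an untrusted host, one non-download.
SAMPLE_LOGS = [
    '{"event":"file_download","user":"alice","referrer":"https://intranet.example/docs",'
    '"url":"https://intranet.example/files/report.pdf",'
    '"chain":["https://intranet.example/files/report.pdf"]}',
    '{"event":"file_download","user":"bob","referrer":"https://trusted.example/",'
    '"url":"https://evil.example/payload.exe",'
    '"chain":["https://trusted.example/redirect?u=https://evil.example/payload.exe",'
    '"https://evil.example/payload.exe"]}',
    '{"event":"page_view","user":"bob","url":"https://trusted.example/"}',
]

def host_of(url):
    """Lower-cased hostname of a URL, or '' if it has none."""
    return (urlparse(url).hostname or "").lower()

def analyze(lines, trusted_hosts):
    """Return (user, referrer_host, download_host, reason) for suspicious downloads.

    Host comparison is exact; a production rule would compare registrable
    domains (eTLD+1) to avoid flagging a site's own CDN subdomain."""
    findings = []
    for line in lines:
        ev = json.loads(line)
        if ev.get("event") != "file_download":
            continue
        ref_host = host_of(ev.get("referrer", ""))
        dl_host = host_of(ev["url"])
        if ref_host == dl_host:
            continue  # same origin: the dialog shows the right site
        reason = "referrer/download host mismatch"
        chain_hosts = [host_of(u) for u in ev.get("chain", [])]
        # Network indicator from the advisory: chain starts on a trusted host
        # and ends elsewhere, consistent with an abused open redirector.
        if chain_hosts and chain_hosts[0] in trusted_hosts and chain_hosts[-1] not in trusted_hosts:
            reason = "trusted->untrusted redirect chain before download"
        findings.append((ev.get("user"), ref_host, dl_host, reason))
    return findings

if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOGS, {"trusted.example", "intranet.example"}):
        print(finding)
```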