CVE-2024-21494 | greenpau caddy-security Header X-Forwarded-For authentication spoofing (Issue 266)

Posted by Angelo Barbosa | Feb 17, 2024 | CVE

A vulnerability was found in greenpau caddy-security. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to authentication bypass by spoofing.

This vulnerability is known as CVE-2024-21494. The attack can be launched remotely. There is no exploit available.

CVE-2024-21494 | greenpau caddy-security Header X-Forwarded-For authentication spoofing (Issue 266)

Related Posts

CVE-2024-25662 | Oxygen XML Web Author/Content Fusion cross site scripting (SYNC-2024-020601)

CVE-2024-5194 | Arris VAP2500 08.50 /assoc_table.php id command injection

CVE-2024-42470 | openhab-webui up to 4.2.0 authorization (GHSA-3g4c-hjhr-73rj)

CVE-2024-46834 | Linux Kernel up to 6.10.9 ethtool out-of-bounds (101737d8b88d/2899d58462ba)