CVE-2026-55202
8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Summary
Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to access the stats page by injecting a matching Host header or bypass detection via port manipulation. Remote attackers can trigger unauthorized access to internal proxy statistics or misroute requests as transparent proxy connections to circumvent access controls.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| tinyproxy | tinyproxy | 0 <= 1.11.3 | affected |
| tinyproxy | tinyproxy | 09312a185ae25cc486b4ff5987638a7917a48bce | unaffected |
Weaknesses
- CWE-290: Authentication Bypass by Spoofing
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://github.com/tinyproxy/tinyproxy/pull/606
- https://github.com/tinyproxy/tinyproxy/commit/09312a185ae25cc486b4ff5987638a7917a48bce
- https://www.vulncheck.com/advisories/evil-winrm-path-traversal-in-download-dir-function
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.