CVE-2025-54576Authentication Bypass by Spoofing in Oauth2-proxy

CWE-290Authentication Bypass by Spoofing5 documents4 sources
Severity
9.1CRITICALNVD
EPSS
0.2%
top 58.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Oauth2-proxyGithub.com Oauth2-proxy Oauth2-proxy V7Oauth2 Proxy Project Oauth2 Proxy
Timeline
PublishedJul 30
Latest updateAug 11

Description

OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and below, oauth2-proxy deployments are vulnerable when using the skip_auth_routes configuration option with regex patterns. Attackers can bypass authentication by crafting URLs with query parameters that satisfy configured regex patterns, allowing unauthorized access to protected resources. The issue st

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages3 packages

CVEListV5oauth2-proxy/oauth2-proxy< 7.11.0

Patches

Patch: github.com

🔴Vulnerability Details

3
OSV
OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion in github.com/oauth2-proxy/oauth2-proxy2025-08-11
GHSA
OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion2025-07-30
OSV
OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion2025-07-30

📋Vendor Advisories

1
Red Hat
github.com/oauth2-proxy/oauth2-proxy: OAuth2-Proxy authentication bypass2025-07-30