Squid Cache Proxy Vulnerability

CRITICAL (10.0)
cwe-209cwe-550apachecaching-proxyhttp-authentication-bypassinformation-disclosuresquid

Threat Intelligence

⚠️ CRITICAL GAP - Exploits exist but no detection available
EPSS Score: 0.07% chance of exploitation (percentile: 22%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: GitHub PoC

How we test →

What is it?

Squid is a caching proxy for the Web, used to improve performance and reduce load on web servers. This vulnerability allows information disclosure due to a failure to redact HTTP authentication credentials in error handling, potentially allowing remote clients to identify security tokens or credentials used internally by a web application using Squid for backend load balancing.

Am I affected?

You're affected if you use Squid. Affected versions: 7.2 If you don't recognise this software, you're probably not affected.

How to fix

To fix this vulnerability, upgrade to Squid version 7.2 or later. Alternatively, as a workaround:

  • Disable debug information in administrator mailto links generated by Squid by configuring squid.conf with email_err_data off.
    • URL: https://www.squid-cache.org/Documentation/squidconf/SquidConfVariables/#email_err_data

References