CVE-2020-37056 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers.…
Medium CVSS: 6.9

CVE-2020-37056

Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and gain unauthorized access.
Vendor
-
Product
-
CWE
CWE-290
Yayın Tarihi
2026-01-30 23:16:11
Güncelleme
2026-02-03 16:44:36
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-290 MEDIUM 2026

Referanslar

https://github.com/rogeriozambon/http-protection https://www.exploit-db.com/exploits/48533 https://www.vulncheck.com/advisories/crystal-shard-http-protection-ip-spoofing-bypass