Start your free trial today.
Protect your organization with cutting-edge cybersecurity solutions designed for resilience and efficiency. Secure your digital assets with confidence.
Your Shield Against Threats
Unleash the Power of Cybersecurity
Boost Your Security, Enhance Your Business
We solve Your Cyber Challenges
Quick Links
Resources
Deepaegis Portals
2025 Deepaegis. All Rights Reserved.
A critical authentication bypass vulnerability (CVE-2025-54576) exists in OAuth2-Proxy affecting versions prior to v7.11.0.
Successful exploitation may allow attackers to bypass authentication entirely, compromising the confidentiality and integrity of systems using OAuth2-Proxy as a gateway. Availability is not impacted. This poses a high risk to organizations relying on OAuth2-Proxy for access control.
OAuth2-Proxy
Affected Version: All versions prior to v7.11.0
Remediation: Upgrade immediately to OAuth2-Proxy v7.11.0 or later. Additionally: Audit and revise skip_auth_routes regex patterns Replace wildcards with strict path matches Anchor regex patterns (^...$) Implement custom validation that strips query parameters before matching
OAuth2-Proxy v7.11.0 fixes the vulnerability.
Manually review and restrict regex configurations in skip_auth_routes.
Audit skip_auth_routes entries Replace broad regex with strict, anchored patterns Strip query parameters before matching
Monitor access logs for suspicious query strings Look for bypass attempts using crafted URIs
Not specified
Not specified
No references provided
No affected organizations specified
This document contains sensitive information. Unauthorized distribution is prohibited.