Platform
rust
Component
salvo
Fixed in
0.39.1
0.89.3
A Path Traversal and Access Control Bypass vulnerability has been identified in the salvo-proxy component of the Salvo Rust framework, impacting versions up to 0.89.2. This flaw allows unauthenticated attackers to circumvent proxy routing and potentially access sensitive backend resources, such as protected endpoints or administrative dashboards. A fix is available in version 0.89.3.
The vulnerability arises from the encodeurlpath function's failure to properly normalize "../" sequences within URLs. Instead of re-encoding the "." character, the function passes these sequences verbatim to the upstream server. This allows an attacker to craft malicious requests containing directory traversal sequences, effectively bypassing the intended proxy routing rules. Successful exploitation could lead to unauthorized access to internal resources, data exfiltration, or even remote code execution if the backend systems are vulnerable. The blast radius extends to any backend service exposed through the proxy, potentially impacting critical business functions.
This vulnerability was publicly disclosed on 2026-03-19. There are currently no known public proof-of-concept exploits available, but the ease of exploitation makes it a potential target for opportunistic attackers. Its inclusion in the Salvo Rust framework, a popular choice for building APIs and microservices, increases its potential impact. The CVSS score of 7.5 (HIGH) reflects the potential for significant impact.
Organizations utilizing the Salvo Rust framework in their proxy or API gateway infrastructure are at risk. This includes those deploying Salvo in production environments, particularly those with exposed backend services or administrative interfaces. Applications relying on Salvo for routing and security should be prioritized for patching.
• rust/supply-chain: Examine Cargo.toml files for dependencies on salvo versions prior to 0.89.3. Use cargo audit to identify vulnerable dependencies.
• generic web: Monitor access logs for requests containing suspicious URL patterns like .../.. or ..././...
• generic web: Inspect response headers for unexpected backend paths being exposed.
curl -I --path-as-is 'http://your-salvo-proxy/../../sensitive-resource' # Example request to test for the bypass; --path-as-is keeps curl from squashing "../" client-side before the request is sent
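The log check above, as an added Rust example that is not salvo's own code: a small helper that percent-decodes only the dot and slash bytes, flags request paths containing "." or ".." segments, resolves them so a path can never climb above the proxy root, and scans Common Log Format lines. The sample log lines, the function names and the simplified RFC 3986 dot-segment removal are assumptions of this example.

```rust
// Added example, not salvo's code: expose and resolve dot segments before proxying.
/// Decode only %2e/%2E and %2f/%2F so percent-encoded dot segments become visible.
fn decode_dots_and_slashes(path: &str) -> String {
    let c: Vec<char> = path.chars().collect();
    let (mut out, mut i) = (String::new(), 0);
    while i < c.len() {
        let hex = if c[i] == '%' && i + 2 < c.len() {
            format!("{}{}", c[i + 1], c[i + 2]).to_ascii_lowercase()
        } else { String::new() };
        match hex.as_str() {
            "2e" => { out.push('.'); i += 3; }
            "2f" => { out.push('/'); i += 3; }
            _ => { out.push(c[i]); i += 1; }
        }
    }
    out
}
/// True when any path segment is "." or "..", raw or percent-encoded.
fn has_dot_segment(path: &str) -> bool {
    decode_dots_and_slashes(path).split('/').any(|s| s == "." || s == "..")
}
/// Simplified RFC 3986 remove_dot_segments: the result never climbs above "/".
/// Empty segments are dropped too, so "/a//b/" becomes "/a/b".
fn normalize_path(path: &str) -> String {
    let decoded = decode_dots_and_slashes(path);
    let mut out: Vec<&str> = Vec::new();
    for seg in decoded.split('/') {
        match seg {
            "" | "." => {}
            ".." => { out.pop(); }
            s => out.push(s),
        }
    }
    format!("/{}", out.join("/"))
}
/// Constructed Common Log Format lines (not from a real deployment).
const SAMPLE_LOGS: [&str; 3] = [
    "10.0.0.5 - - [19/Mar/2026:10:00:00 +0000] \"GET /api/v1/users HTTP/1.1\" 200 512",
    "10.0.0.9 - - [19/Mar/2026:10:00:01 +0000] \"GET /api/../../admin HTTP/1.1\" 200 2048",
    "10.0.0.9 - - [19/Mar/2026:10:00:02 +0000] \"GET /api/%2e%2e/%2e%2e/admin HTTP/1.1\" 200 2048",
];
/// Return the log lines whose request path contains a dot segment.
fn flag_traversal_requests<'a>(log_lines: &[&'a str]) -> Vec<&'a str> {
    log_lines.iter().copied().filter(|line| {
        let req = line.split('"').nth(1).unwrap_or(""); // "GET /path HTTP/1.1"
        req.split_whitespace().nth(1).map_or(false, has_dot_segment)
    }).collect()
}
```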
Exploit status
EPSS
0.02% (4th percentile)
CISA SSVC
CVSS vector
The primary mitigation is to upgrade to Salvo Rust framework version 0.89.3 or later, which includes the necessary fix for the URL encoding issue. If immediate upgrading is not feasible, consider implementing a Web Application Firewall (WAF) or reverse proxy with strict URL filtering rules to block requests containing suspicious directory traversal sequences like "../". Additionally, review and harden the configuration of the backend systems to minimize the potential impact of unauthorized access. Monitor proxy logs for unusual patterns or requests targeting unexpected paths.
Upgrade Salvo to version 0.89.3 or later. This version fixes the Path Traversal vulnerability in the salvo-proxy component.
CVE-2026-33242 is a Path Traversal vulnerability in the Salvo Rust framework, allowing attackers to bypass proxy routing and access backend resources.
You are affected if you are using Salvo Rust framework versions prior to 0.89.3 and expose backend resources through the proxy.
Upgrade to Salvo Rust framework version 0.89.3 or later. Implement WAF rules to block suspicious URL patterns as a temporary mitigation.
There are currently no known reports of active exploitation campaigns for CVE-2026-33242.
Refer to the Salvo project's official release notes and security advisories on their GitHub repository for the latest information.