Platform
linux
Component
squid
Fixed in
7.2.1
CVE-2025-62168 affects Squid, a widely used caching proxy for web traffic. This vulnerability stems from a failure to properly redact HTTP authentication credentials when Squid encounters errors. Successful exploitation could allow attackers to bypass browser security protections and potentially identify sensitive security tokens or credentials used by backend web applications relying on Squid for load balancing. The vulnerability impacts Squid versions prior to 7.2 and has been resolved in version 7.2.
The primary impact of CVE-2025-62168 is the potential for information disclosure of HTTP authentication credentials. An attacker could craft malicious requests that trigger error conditions within Squid, leading to the exposure of these credentials in error messages. This could allow them to identify security tokens or credentials used internally by web applications that utilize Squid as a proxy. While the vulnerability doesn't require Squid to be configured with HTTP authentication, the exposure of credentials used by trusted clients poses a significant risk. The blast radius extends to any backend application relying on Squid for load balancing, as compromised credentials could be leveraged to gain unauthorized access to those systems. This vulnerability shares similarities with other information disclosure flaws where error handling mechanisms fail to sanitize sensitive data.
CVE-2025-62168 was published on 2025-10-17. The CVSS score of 10 (Critical) indicates a high probability of exploitation. Currently, there are no publicly known active campaigns targeting this vulnerability, but the ease of exploitation and the potential impact suggest it could become a target. The vulnerability is not listed on KEV (Known Exploited Vulnerabilities) as of this writing. Monitor security advisories and threat intelligence feeds for updates on exploitation activity.
Exploit status
EPSS
0.17% (38th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-62168 is to upgrade Squid to version 7.2 or later, which contains the fix. If immediate upgrading is not feasible, consider implementing temporary workarounds. Review Squid's error logging configuration to ensure sensitive information is not being logged. Implement Web Application Firewall (WAF) rules to filter out potentially malicious requests that could trigger error conditions. Monitor Squid logs for unusual activity or patterns that might indicate exploitation attempts. After upgrading, confirm the fix by sending a request designed to trigger the error handling and verifying that credentials are not exposed in the response.
Upgrade Squid to version 7.2 or later. Alternatively, disable the debug information in the administrator mailto links generated by Squid by setting email_err_data off in squid.conf.
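A host audit for the two remediation paths above, as an added example that is not from the Squid project or this advisory: it classifies a host from its `squid -v` banner and its squid.conf text. The function names, sample banner and sample configuration are constructed; the check assumes the last `email_err_data` line takes effect, that the directive defaults to on when absent, and it does not follow `include` directives.

```python
import re

FIXED = (7, 2)  # fixed release as given in the advisory text above

def parse_version(banner):
    """Extract the version tuple from `squid -v` style output."""
    m = re.search(r"Version\s+(\d+(?:\.\d+)*)", banner)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def email_err_data_enabled(conf_text):
    """Effective email_err_data value (assumed default: on when unset)."""
    enabled = True
    for raw in conf_text.splitlines():
        parts = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if len(parts) >= 2 and parts[0] == "email_err_data":
            enabled = parts[1].lower() != "off"  # assumption: last line wins
    return enabled

def assess(banner, conf_text):
    """Classify a host as patched, mitigated, or exposed."""
    version = parse_version(banner)
    if version is None:
        return "unknown: could not parse version"
    if version >= FIXED:
        return "patched"
    if not email_err_data_enabled(conf_text):
        return "vulnerable version, workaround applied"
    return "vulnerable version, no workaround"

# Constructed sample inputs, not taken from a real host.
SAMPLE_BANNER = "Squid Cache: Version 6.13\nService Name: squid\n"
SAMPLE_CONF = """\
http_port 3128
# email_err_data off   (commented out, so it has no effect)
cache_mgr admin@example.invalid
"""

if __name__ == "__main__":
    print(assess(SAMPLE_BANNER, SAMPLE_CONF))
    print(assess(SAMPLE_BANNER, SAMPLE_CONF + "email_err_data off\n"))
```

A host reported as "workaround applied" still runs a version the advisory lists as affected, so it stays on the upgrade list.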
It's a critical information disclosure vulnerability in Squid proxy versions before 7.2, allowing attackers to potentially expose HTTP authentication credentials through error handling.
If you are using Squid versions prior to 7.2, you are potentially affected by this vulnerability. Assess your environment and prioritize patching.
Upgrade Squid to version 7.2 or later to resolve the vulnerability. If upgrading is not immediately possible, implement temporary workarounds like WAF rules and careful log monitoring.
As of now, there are no publicly known active campaigns exploiting this vulnerability, but its criticality suggests it could become a target.
Refer to the official Squid security advisory and the NVD entry for CVE-2025-62168 for detailed information and updates.