Summary: The article discusses vulnerabilities in HTTP headers that can be exploited through reverse proxies to bypass security controls. It covers two main types of attacks: header injection via normalization discrepancies (OAuth2-proxy underscore bypass) and exploiting ambiguous RFC behaviors (Praetorian's research on the X-Forwarded-* headers). These issues allow attackers to manipulate authentication, escalate privileges, or perform lateral movement within a network. The article also provides guidance on defending against such attacks by implementing strict header validation, cryptographic signing of critical headers, and monitoring for suspicious activity.
Read the full article at Blog - Praetorian
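The normalization discrepancy the summary describes comes down to one component folding `X_Forwarded_User` into `X-Forwarded-User` while the filter in front of it only strips the dash spelling. The following Python is an added illustration, not code from the Praetorian article or from OAuth2-proxy: it models a proxy that scrubs client copies of the `X-Forwarded-*` headers, a backend that reads them, and the two defenses the summary names (strict canonical validation and HMAC signing of the identity header). The header names, the secret, the sample requests and the "first value wins" lookup in the naive backend are all constructed assumptions for the demonstration.

```python
import hmac
import hashlib

# Headers only the reverse proxy may set; any client-supplied copy is untrusted.
TRUSTED_HEADERS = {"x-forwarded-user", "x-forwarded-for", "x-forwarded-proto", "x-forwarded-host"}
SIG_HEADER = "x-forwarded-user-sig"          # constructed name for the HMAC header
PROXY_ONLY = TRUSTED_HEADERS | {SIG_HEADER}


def canonical(name: str) -> str:
    """Collapse spellings that downstream components treat as equivalent:
    case-insensitive, and '_' folded to '-' (CGI-style environments map both
    'X-Forwarded-User' and 'X_Forwarded_User' to HTTP_X_FORWARDED_USER)."""
    return name.strip().lower().replace("_", "-")


def naive_strip(headers):
    """Weak filter: removes only the exact dash spelling, so an underscore variant survives."""
    return [(n, v) for n, v in headers if n.lower() not in TRUSTED_HEADERS]


def strict_strip(headers):
    """Hardened filter: drops every case/underscore variant of a proxy-only header."""
    return [(n, v) for n, v in headers if canonical(n) not in PROXY_ONLY]


def sign_user(user: str, secret: bytes) -> str:
    """HMAC-SHA256 over the identity value, shared between proxy and backend."""
    return hmac.new(secret, user.encode(), hashlib.sha256).hexdigest()


def proxy_forward(client_headers, authenticated_user, secret, strip=strict_strip):
    """Proxy side: scrub client copies, then append the authenticated identity and its signature."""
    out = strip(client_headers)
    out.append(("X-Forwarded-User", authenticated_user))
    out.append(("X-Forwarded-User-Sig", sign_user(authenticated_user, secret)))
    return out


def naive_backend_user(headers):
    """Backend that trusts the header and returns the first value matching the
    canonical name (a modelling assumption; frameworks differ on duplicate handling)."""
    for n, v in headers:
        if canonical(n) == "x-forwarded-user":
            return v
    return None


def verified_backend_user(headers, secret):
    """Hardened backend: reject requests where two spellings of one header disagree,
    and accept the identity only when its HMAC verifies."""
    seen = {}
    for n, v in headers:
        c = canonical(n)
        if c in seen and seen[c] != v:
            return None  # ambiguous request: conflicting values for the same canonical header
        seen[c] = v
    user, sig = seen.get("x-forwarded-user"), seen.get(SIG_HEADER)
    if user is None or sig is None:
        return None
    if not hmac.compare_digest(sig, sign_user(user, secret)):
        return None
    return user


if __name__ == "__main__":
    secret = b"constructed-demo-secret"
    # Constructed client request carrying both spellings of the identity header.
    client = [("Host", "app.internal"), ("X_Forwarded_User", "admin"), ("X-Forwarded-User", "admin")]
    leaky = proxy_forward(client, "alice", secret, strip=naive_strip)
    print("naive proxy + naive backend:   ", naive_backend_user(leaky))
    print("naive proxy + verified backend:", verified_backend_user(leaky, secret))
    clean = proxy_forward(client, "alice", secret)
    print("strict proxy + verified backend:", verified_backend_user(clean, secret))
```

Run as a script it shows the three outcomes side by side: the underscore copy survives the weak filter and the trusting backend resolves to the client's value, the verifying backend refuses the same request because the two spellings disagree, and the strict proxy plus verifying backend yields the proxy-set identity. Logging the "conflicting values" branch rather than silently returning `None` gives the monitoring signal the summary recommends.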