before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or).
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00412Percentile:
0.60609
CVSS Scoring
CVSS v3.1 Score: 7.5
Severity: HIGH
Mapped CWE(s)
CWE-697
: Incorrect Comparison
All CAPEC(s)
CAPEC-10 : Buffer Overflow via Environment Variables
CAPEC-120 : Double Encoding
CAPEC-14 : Client-side Injection-induced Buffer Overflow
CAPEC-15 : Command Delimiters
CAPEC-182 : Flash Injection
CAPEC-24 : Filter Failure through Buffer Overflow
CAPEC-267 : Leverage Alternate Encoding
CAPEC-3 : Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-41 : Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-43 : Exploiting Multiple Input Interpretation Layers
CAPEC-44 : Overflow Binary Resource File
CAPEC-45 : Buffer Overflow via Symbolic Links
CAPEC-46 : Overflow Variables and Tags
CAPEC-47 : Buffer Overflow via Parameter Expansion
CAPEC-52 : Embedding NULL Bytes
CAPEC-53 : Postfix, Null Terminate, and Backslash
CAPEC-6 : Argument Injection
CAPEC-64 : Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-67 : String Format Overflow in syslog()
CAPEC-7 : Blind SQL Injection
CAPEC-71 : Using Unicode Encoding to Bypass Validation Logic
CAPEC-73 : User-Controlled Filename
CAPEC-78 : Using Escaped Slashes in Alternate Encoding
CAPEC-79 : Using Slashes in Alternate Encoding
CAPEC-8 : Buffer Overflow in an API Call
CAPEC-80 : Using UTF-8 Encoding to Bypass Validation Logic
CAPEC-88 : OS Command Injection
CAPEC-9 : Buffer Overflow in Local Command-Line Utilities
CAPEC-92 : Forced Integer Overflow
CAPEC(s) with Mapped TTPs
CAPEC-267 : Leverage Alternate Encoding
Mapped TTPs:
T1027
: Obfuscated Files or Information
Mapped ATT&CK TTPs
T1027
: Obfuscated Files or Information
Kill Chain: defense-evasion
Malware
APTs Threat Group Associations
Campaigns
2016 Ukraine Electric Power Attack C0015 C0017
Affected Products
cpe:2.3:a:proxy.py_project:proxy.py:*:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me