Authentication Bypass by Spoofing
| Property | Value |
|---|---|
| Language | generic |
| Severity | |
| CWE | CWE-290: Authentication Bypass by Spoofing |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Medium |
| Impact Level | Low |
| Likelihood Level | Low |
Description
Nginx does not validate the Host header on its own. `$http_host` is the raw `Host` header exactly as the client sent it (any case, with or without a port, possibly absent). `$host` is taken from the host name in the request line, or failing that from the `Host` header, lowercased and with any port stripped, and falls back to the first name in `server_name` only when neither is present. In the server block that receives requests for unmatched names (the default server for a listen port, or any block with a wildcard or regex `server_name`) both variables are therefore attacker-controlled. Interpolating them into redirects, `proxy_set_header Host`, or other config logic in that position makes the server treat a value the client chose as the legitimate site name, and every downstream decision built on it (absolute URLs in redirects, links generated by the proxied application) can be steered by the request.
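As an added example (not configuration from the original page), the weak pattern is shown beside a hardened configuration. The hostnames, the backend address and the certificate paths are placeholders.

```nginx
# --- Weak ---
# This is the only server on port 80, so nginx uses it as the implicit default
# and it receives every request regardless of Host. $host is whatever the client
# sent, so "Host: attacker.example" produces a redirect to
# https://attacker.example/... : an open redirect to an attacker-chosen domain.
server {
    listen 80;
    server_name example.com;
    return 301 https://$host$request_uri;
}

# --- Hardened ---

# 1. Explicit catch-all servers on every listen port. Requests whose Host (or
#    TLS SNI) matches no named server end here and get no response at all.
server {
    listen 80 default_server;
    server_name _;              # "_" never matches a real name; it only marks the catch-all
    return 444;                 # close the connection without sending a response
}

server {
    listen 443 ssl default_server;
    ssl_reject_handshake on;    # nginx >= 1.19.4: abort the TLS handshake for unknown SNI,
                                # so no fallback certificate is needed
}

# 2. Named servers. A request reaches these only when its Host matched
#    server_name exactly, so $host is now guaranteed to be one of the listed names.
server {
    listen 80;
    server_name example.com www.example.com;
    # Redirect to a literal hostname instead of echoing the request back.
    return 301 https://example.com$request_uri;
}

server {
    listen 443 ssl;
    server_name example.com www.example.com;
    ssl_certificate     /etc/nginx/certs/example.com.crt;   # placeholder path
    ssl_certificate_key /etc/nginx/certs/example.com.key;   # placeholder path

    location / {
        proxy_pass http://127.0.0.1:8080;                   # placeholder backend
        # $host is safe here only because this block is reached solely through
        # an exact server_name match; in the catch-all server above it would
        # still be attacker-controlled.
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

After `nginx -t` and a reload, the difference is visible with a spoofed header such as `curl -sI -H 'Host: attacker.example' http://<server>/`: the weak configuration answers with `Location: https://attacker.example/`, while the hardened one closes the connection without a response, and only a request carrying `Host: example.com` or `Host: www.example.com` reaches the named servers.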
Impact
If exploited, an attacker can make the server redirect users to a domain they control, or make a proxied application build absolute links (password-reset or verification URLs, for example) that point at that domain, which turns a trusted site into a phishing vector. Any authentication or trust check that relies on the hostname the request claims can be bypassed the same way, leading to unauthorized access and weakening domain-based protections in general. The actual severity depends on what consumes the value: `return 301 https://$host$request_uri;` in a default server is an open redirect by itself, whereas `proxy_set_header Host $host;` only becomes a problem when the backend trusts the forwarded header.