Authentication Bypass Vulnerability in Traefik HTTP Reverse Proxy
CVE-2026-54764

6.9MEDIUM

Key Information:

Vendor

Traefik

Status
Vendor
CVE Published:
6 July 2026

What is CVE-2026-54764?

Traefik, a popular HTTP reverse proxy and load balancer, has a vulnerability in its ForwardAuth middleware affecting specific versions. Despite the 'trustForwardHeader' option set to false, the middleware improperly identifies the X-Forwarded-Port header from the original request, rather than a sanitized, forwarded request. This flaw can be exploited by an unauthenticated remote attacker who sends a crafted X-Forwarded-Proto header over a plain HTTP connection, leading Traefik to forward the incorrect X-Forwarded-Port value of 443 to the authentication service. This bypass allows attackers to circumvent port-based authorization checks, posing a security risk. The issue is resolved in versions v2.11.51, v3.6.22, and v3.7.6.

Affected Version(s)

traefik < 2.11.51 < 2.11.51

traefik >= 3.0.0, < 3.6.22 < 3.0.0, 3.6.22

traefik >= 3.7.0, < 3.7.6 < 3.7.0, 3.7.6

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.