AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass

VULNERABILITY: HTTP/2 Cleartext h2c Upgrade Authentication Bypass ======================================================================== Severity: CRITICAL CVSS 3.1: 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CWE: CWE-287 Improper Authentication Component: internal/home/web.go Affected:...

AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass

An unauthenticated remote attacker can bypass all authentication in AdGuardHome by sending an HTTP/1.1 request that requests an upgrade to HTTP/2 cleartext h2c. Once the upgrade is accepted, the resulting HTTP/2 connection is handled by the inner mux, which has no authentication middleware...