CVE-2024-34451

CRITICAL

Ghost < 5.85.1 - Authentication Rate-Limit Bypass via X-Forwarded-For Header Manipulation

Title source: llm

Description

Ghost through 5.85.1 allows remote attackers to bypass an authentication rate-limit protection mechanism by using many X-Forwarded-For headers with different values. NOTE: the vendor's position is that Ghost should be installed with a reverse proxy that allows only trusted X-Forwarded-For headers.

References (3)

Core 3

Core References

Exploit

https://docs.google.com/document/d/1iy0X4Vc9xXYoBxFrcW6ATo8GKPV6ivuLVzn6GgEpwqE

Product

https://ghost.org/docs/faq/proxying-https-infinite-loops/

Product

https://github.com/TryGhost/Ghost/releases

Scores

CVSS v3 9.1

EPSS 0.0077

EPSS Percentile 50.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-1390

Status published

Products (1)

ghost/ghost < 5.85.1

Published Jun 16, 2024

Tracked Since Feb 18, 2026