{"uuid": "0fb2af36-255e-43e6-be65-b452492ad909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48710", "type": "seen", "source": "https://gist.github.com/alon710/cb3b1174ebf48e827d68142e3b30cd37", "content": "# CVE-2026-48710: Starlette BadHost HTTP Host-Header Path-Poisoning and Authentication Bypass\n\n> **CVSS Score:** 7.0\n> **Published:** 2026-06-04\n> **Full Report:** https://cvereports.com/reports/CVE-2026-48710\n\n## Summary\nCVE-2026-48710 is a high-severity path-desynchronization vulnerability in the Starlette ASGI framework (versions >= 0.8.3, < 1.0.1) that allows remote attackers to bypass path-based security middleware and access-control decorators. Starlette assembles `request.url` from the scheme, the raw Host header and the ASGI path, so a URI delimiter such as '?' or '#' injected into the Host header terminates the authority early and the path the application parses out of `request.url` no longer matches the `scope['path']` on which the router dispatches. A check that inspects `request.url.path` sees a harmless path while the router still executes the targeted endpoint.\n\n## TL;DR\nA validation flaw in Starlette's Host header handling lets attackers bypass security middleware checks. By appending a character such as '?' or '#' to the Host header, the attacker makes the framework report the request path as '/' (public) while the router still executes the actual targeted administrative endpoint.\n\n## Exploit Status: PoC\n\n## Technical Details\n\n- **CWE ID**: CWE-1289 (Improper Validation of Unsafe Equivalence in Input)\n- **Attack Vector**: Network (AV:N)\n- **CVSS v4.0 Score**: 7.0 (High)\n- **EPSS Score**: 0.00353 (0.35%)\n- **Impact**: Authentication and authorization bypass\n- **Exploit Status**: Public proof-of-concept; scanner code weaponized\n- **KEV Status**: Not listed\n\n## Affected Systems\n\n- **Starlette**: >= 0.8.3, < 1.0.1 (fixed in `1.0.1`)\n- **FastAPI**: <= 0.115.x (fixed by depending on Starlette 1.0.1)\n- FastAPI applications using path-based security middleware\n- LiteLLM and vLLM deployments running on vulnerable Starlette versions\n- Model Context Protocol (MCP) server implementations running on Starlette\n\n## Mitigation\n\n- Upgrade Starlette to 1.0.1 or later, which enforces strict Host header validation.\n- In custom middleware, make authorization decisions on `request.scope['path']` rather than `request.url.path`, so that the check and the router see the same path.\n- Put an RFC-compliant reverse proxy (such as Nginx or Apache httpd) in front of the application and confirm that it rejects, rather than forwards, a Host header containing '?' or '#'.\n- Do not expose ASGI application servers directly to untrusted networks; bind them to localhost behind the proxy. This limits exposure but does not remove the bug.\n\n**Remediation Steps:**\n1. Identify all deployments using Starlette by running `pip show starlette` or auditing lock files.\n2. Set the constraint `starlette>=1.0.1` in requirements.txt or pyproject.toml and regenerate the lock file.\n3. Rebuild and redeploy container images so that downstream packages (such as FastAPI) resolve to the updated Starlette version.\n4. Test custom security middleware with malformed Host headers (for example a trailing '?' or '#') and verify that the access-control check and the router agree on the path.\n\n## References\n\n- [Official Starlette GitHub Advisory](https://github.com/Kludex/starlette/security/advisories/GHSA-86qp-5c8j-p5mr)\n- [Official Security Fix Commit](https://github.com/Kludex/starlette/commit/764dab0dcfb9033d75442d7a359645c9f94648c6)\n- [X41 D-Sec Lab Security Advisory](https://www.x41-dsec.de/lab/advisories/x41-2026-002-starlette)\n- [OSTIF Disclosure & Deep-Dive Warning](https://ostif.org/disclosing-the-badhost-vulnerability-in-starlette)\n- [CVE Record (CVE.org)](https://www.cve.org/CVERecord?id=CVE-2026-48710)\n- [PyPA PYSEC Tracker](https://github.com/pypa/advisory-database/tree/main/vulns/starlette/PYSEC-2026-161.yaml)\n- [BadHost Exploit & Scanner Repository](https://github.com/Bhanunamikaze/BadHost-CVE-2026-48710-Exploit)\n- [Dedicated Threat Portal](https://badhost.org)\n- [SecWest Starlette Portal](https://www.secwest.net/starlette)\n- [Wiz Vulnerability Analysis Entry](https://www.wiz.io/vulnerability-database/cve/cve-2026-48710)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48710) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-04T13:40:58.000000Z"}
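The following is an added example, not code from the report above or from the Starlette project. It reconstructs the path desynchronization on a constructed ASGI scope and puts the vulnerable check beside the fix the Mitigation section recommends: validate the Host header, then decide on `scope['path']` instead of a path re-parsed from the full URL. The `build_request_url` step mirrors how Starlette has assembled `request.url` from the scope (scheme, raw Host header, path, query string); that mirroring and the host regex are this example's own assumptions, so confirm them against the Starlette version you run.

```python
"""Reconstruction of the BadHost path desynchronization and a hardened check.

Added illustration; not Starlette's code. The URL assembly below is modelled
on how Starlette's URL datastructure has built request.url from the ASGI scope
(assumption of this example, verify against your installed version).
"""
import re
from urllib.parse import urlsplit

# Strict host[:port] pattern for this example (reg-name / IPv4, or an IPv6
# literal in brackets). Deliberately excludes '/', '?' and '#', the characters
# that terminate the authority in a URI. Assumption: not Starlette's validator.
_HOST_RE = re.compile(
    r"^(?:[A-Za-z0-9\-._~%!$&'()*+,;=]+|\[[0-9A-Fa-f:.]+\])(?::[0-9]{1,5})?$"
)


def make_scope(path, host):
    """Constructed ASGI scope for the example; no real server involved."""
    return {
        "type": "http",
        "scheme": "http",
        "path": path,
        "query_string": b"",
        "headers": [(b"host", host.encode("latin-1"))],
    }


def build_request_url(scope):
    """Assemble the full URL a framework derives from the scope (reconstruction)."""
    scheme = scope.get("scheme", "http")
    path = scope["path"]
    host_header = None
    for key, value in scope["headers"]:
        if key == b"host":
            host_header = value.decode("latin-1")
            break
    # The raw Host header is spliced between '://' and the path; a '?' or '#'
    # in it ends the authority early and swallows the path into query/fragment.
    url = f"{scheme}://{host_header}{path}" if host_header is not None else path
    query_string = scope.get("query_string", b"")
    if query_string:
        url += "?" + query_string.decode()
    return url


def naive_is_admin(scope):
    """Vulnerable check: trusts the path parsed back out of the full URL."""
    return urlsplit(build_request_url(scope)).path.startswith("/admin")


def hardened_is_admin(scope):
    """Hardened check: exactly one well-formed Host, then decide on scope['path']."""
    hosts = [value for key, value in scope["headers"] if key == b"host"]
    if len(hosts) != 1:
        raise ValueError(f"expected exactly one Host header, got {len(hosts)}")
    host = hosts[0].decode("latin-1")
    if not _HOST_RE.fullmatch(host):
        raise ValueError(f"rejecting malformed Host header: {host!r}")
    # scope['path'] is what the router dispatches on, so the check cannot
    # disagree with it.
    return scope["path"].startswith("/admin")


def evaluate(path, host):
    """Return (naive verdict, hardened verdict); hardened is 'rejected' on bad Host."""
    scope = make_scope(path, host)
    try:
        hardened = hardened_is_admin(scope)
    except ValueError:
        hardened = "rejected"
    return naive_is_admin(scope), hardened


if __name__ == "__main__":
    for host in ("example.com", "example.com?", "example.com#", "[::1]:8000"):
        scope = make_scope("/admin/users", host)
        print(f"Host={host!r:16} url={build_request_url(scope)!r:40} "
              f"naive={naive_is_admin(scope)} hardened={evaluate('/admin/users', host)[1]}")
```

Running it shows the disagreement the report describes: for `Host: example.com?` the router would still dispatch `/admin/users`, but the naive check parses an empty path out of `http://example.com?/admin/users` and lets the request through as if it were public. The hardened variant never consults the rebuilt URL, and rejecting the malformed Host outright turns the attempt into an error rather than a silent pass-through.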