
SquidBleed Vulnerability Leaks HTTP Credentials Through Shared Squid Proxies

Security researchers have disclosed a new vulnerability in the Squid web proxy that could allow authorized users of the same proxy server to access sensitive data from other users, including HTTP requests, authentication credentials, and session tokens.

The flaw, tracked as CVE-2026-47729 and dubbed SquidBleed, stems from a legacy FTP parsing issue dating back to 1997. Researchers at Calif.io revealed the vulnerability in June 2026, naming it after the infamous Heartbleed bug due to its ability to expose memory contents through a heap over-read.

Shared Proxy Users at Risk

Unlike many remote vulnerabilities, SquidBleed is not exploitable by arbitrary internet users. Instead, attackers must already have permission to use the affected Squid proxy.

Environments in which many mutually untrusting users share a single proxy are therefore the most exposed, for example:

  • Corporate networks
  • Educational institutions
  • Public Wi-Fi services
  • Shared internet access providers

In any of these, a malicious user can target other clients of the same proxy infrastructure.

The issue only affects traffic that Squid handles in the clear. HTTPS carried through CONNECT tunnels is not exposed, because Squid only relays the TLS ciphertext and never holds the plaintext in its buffers. The vulnerability can, however, expose:

  • Unencrypted HTTP traffic
  • HTTPS traffic in TLS-inspection deployments (SSL-Bump in Squid's terminology), where Squid decrypts the traffic for monitoring and therefore does hold the plaintext

The attacker must also be able to make the proxy fetch an ftp:// URL from an FTP server they control. Squid gateways FTP by default, so on a typical configuration ordinary proxy access is all that is needed.

How the Vulnerability Works

The flaw resides in Squid's FTP directory-listing parser, the code that turns a raw listing returned by an FTP server into the index page Squid sends back to the client.

Researchers found that legacy code added to support older NetWare FTP servers mishandles whitespace. Under specific conditions, a malformed directory-listing line causes Squid to read beyond the end of the buffer holding that line.

Instead of stopping at the string's terminator, the parser continues into adjacent memory, and what it reads there can be returned to the attacker in the response.

Memory Reuse Amplifies the Impact

The exposed memory often contains remnants of recently processed HTTP requests.

Because Squid reuses memory buffers without fully clearing them, sensitive information from another user’s session may still be present when the over-read occurs.
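To make the two mechanisms above concrete, the C program below is an added illustration written for this article; it is not Squid's parser and not the SquidBleed patch. It models a hypothetical NetWare-style listing line of the form `<type><space><name>` with a field parser that assumes the separator is always present (and so steps over the terminator for the one-character line "-"), a bounds-checked replacement, and a reused buffer in which bytes of an earlier HTTP request are left behind. The function names, the line format, the buffer layout and the sample request are all assumptions made for the example.

```c
/*
 * Added illustration (not Squid's code and not the SquidBleed patch):
 * a simplified NetWare-style listing field parser showing the bug class
 * the article describes, a bounds-checked version, and a reused buffer
 * that still holds bytes of an earlier HTTP request.
 *
 * Assumed (hypothetical) line shape: "<type><space>[spaces]<name>",
 * e.g. "- notes.txt" or "d   bin".
 */
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Vulnerable: assumes the separator after the type character is always there. */
const char *netware_name_vuln(const char *line)
{
    if (line[0] != '-' && line[0] != 'd')
        return NULL;
    const char *p = line + 1;
    p++;                     /* "skip the separator" without checking for it:
                                for the one-character line "-" this steps over
                                the NUL terminator */
    while (*p == ' ')        /* now scanning whatever happens to follow in memory */
        p++;
    return p;                /* may point well past the listing line */
}

/* Fixed: every step is checked against the real length of the line. */
const char *netware_name_fixed(const char *line, size_t len)
{
    if (len < 1 || (line[0] != '-' && line[0] != 'd'))
        return NULL;
    size_t i = 1;
    if (i >= len || line[i] != ' ')
        return NULL;         /* separator missing: malformed line, reject it */
    while (i < len && line[i] == ' ')
        i++;
    if (i >= len)
        return NULL;         /* no name field: reject it */
    return line + i;
}

/*
 * Models a reused I/O buffer: one client's HTTP request is written into it,
 * then another client's FTP listing line "-" overwrites only the first two
 * bytes (the '-' and its NUL) and the rest is never cleared. In real Squid the
 * bytes past the terminator are whatever the adjacent heap holds; here they
 * are confined to this array so the demonstration is well-defined.
 */
#define BUF_SIZE 128
static char reused_buf[BUF_SIZE];

static void prepare_reused_buffer(void)
{
    /* Constructed sample request, not data from the article. */
    const char *earlier_request =
        "GET /account HTTP/1.1\r\nAuthorization: Bearer EXAMPLE-TOKEN-123\r\n";
    memset(reused_buf, 0, sizeof reused_buf);
    strncpy(reused_buf, earlier_request, BUF_SIZE - 1);
    memcpy(reused_buf, "-", 2);   /* the crafted listing line, NUL included */
}

/* What the vulnerable parser hands back for the crafted line: stale request bytes. */
const char *vuln_result_on_reused_buffer(void)
{
    prepare_reused_buffer();
    return netware_name_vuln(reused_buf);
}

/* What the fixed parser hands back for the same buffer: NULL (rejected). */
const char *fixed_result_on_reused_buffer(void)
{
    prepare_reused_buffer();
    return netware_name_fixed(reused_buf, strlen(reused_buf));
}

int main(void)
{
    const char *leaked = vuln_result_on_reused_buffer();
    const char *fixed = fixed_result_on_reused_buffer();
    printf("vulnerable parser returned: \"%s\"\n", leaked);
    printf("fixed parser returned: %s\n", fixed ? fixed : "NULL (malformed line rejected)");
    return 0;
}
```

The vulnerable function returns a pointer two bytes past the start of a one-byte string, so the caller's copy-until-NUL picks up the leftover Authorization header; the fixed function measures the line once and never indexes beyond that length, which is the shape of check the article says the patch adds.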

Researchers demonstrated that attackers could recover:

  • Authorization headers
  • Session tokens
  • User credentials
  • Portions of HTTP requests

In a proof-of-concept attack, Calif.io successfully extracted an authentication header from another user sharing the same proxy server, potentially allowing account impersonation.

While proof-of-concept exploit code has been released publicly, researchers have not observed active exploitation in the wild.

Patch Confusion Surrounds the Fix

Administrators are advised to verify that the fix is actually present rather than trusting a version number alone.

There has been confusion about which Squid releases contain the fix. Initial statements suggested Squid 7.6 addressed the issue, but later clarification indicated the patch was officially included in version 7.7. Distributions commonly backport security fixes into older package versions, so a 6.x or 7.6 distribution package may already be fixed, while a self-built 7.6 from upstream sources is not. The practical check is to look for the CVE identifier in the package changelog (for example `rpm -q --changelog squid`, or the Debian changelog shipped under /usr/share/doc/squid/), or to confirm that the bounds checks are present in the FTP listing parser of the source the binary was built from.

The fix itself is small: it adds checks that stop the parser from reading beyond the end of the string.

Disabling FTP Offers Additional Protection

Researchers recommend disabling Squid's FTP support entirely wherever it is not needed.

FTP has largely fallen out of use on modern networks; Chrome dropped FTP support in version 88 and Firefox in version 90, both in 2021. Organizations that no longer rely on FTP through the proxy can remove this attack surface by refusing ftp:// requests in Squid.

This mitigation is effective regardless of the Squid version deployed, because the vulnerable parser is only reached when Squid fetches an FTP directory listing on a client's behalf.
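The POSIX shell script below is an added example, not from the article or the Squid project, that scripts the two administrative checks discussed above: deciding whether a given build should be treated as fixed (it assumes, as the article states, that the upstream fix first shipped in Squid 7.7 and that a distribution backport names the CVE in its package changelog), and checking whether a squid.conf text denies the FTP protocol. The function names, the configuration path /etc/squid/squid.conf and the sample version and changelog strings are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the article or the Squid project. Two checks an
# administrator can script for this issue. Assumptions, as stated in the
# article: the upstream fix first shipped in Squid 7.7, and a distribution
# backport names the CVE in its package changelog.

CVE_ID="CVE-2026-47729"

# squid_patch_status VERSION_LINE CHANGELOG_TEXT
#   VERSION_LINE   first line of `squid -v`, e.g. "Squid Cache: Version 7.6"
#   CHANGELOG_TEXT package changelog text (may be empty)
# Prints fixed-upstream, fixed-backport, unpatched or unknown; exit 0 when fixed.
squid_patch_status() {
    ver=$(printf '%s\n' "$1" | sed -n 's/.*Version \([0-9][0-9.]*\).*/\1/p' | head -n 1)
    if [ -z "$ver" ]; then
        echo unknown
        return 2
    fi
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    if [ "$rest" = "$ver" ]; then minor=0; fi   # bare "7" has no minor component
    if [ "$major" -gt 7 ] || { [ "$major" -eq 7 ] && [ "$minor" -ge 7 ]; }; then
        echo fixed-upstream
        return 0
    fi
    if printf '%s\n' "$2" | grep -q "$CVE_ID"; then
        echo fixed-backport             # older version, fix backported by the distro
        return 0
    fi
    echo unpatched
    return 1
}

# squid.conf lines that refuse ftp:// requests. Squid evaluates http_access
# rules in order, so place them before any allow rule covering the same clients.
FTP_DENY_CONF='acl FTP proto FTP
http_access deny FTP'

# ftp_denied_in CONFIG_TEXT
# Succeeds when CONFIG_TEXT defines a "proto FTP" acl and denies it in an
# http_access rule (comments stripped). It does not evaluate rule order.
ftp_denied_in() {
    stripped=$(printf '%s\n' "$1" | sed 's/#.*//')
    aclname=$(printf '%s\n' "$stripped" |
        awk '$1=="acl" && toupper($3)=="PROTO" && toupper($4)=="FTP" { print $2; exit }')
    [ -n "$aclname" ] || return 1
    printf '%s\n' "$stripped" |
        awk -v a="$aclname" '$1=="http_access" && $2=="deny" { for (i = 3; i <= NF; i++) if ($i == a) found = 1 }
                             END { exit found ? 0 : 1 }'
}

# When run directly on a proxy host with Squid installed, report the live status
# using the locally available package changelog (rpm or Debian layout) and the
# assumed configuration path /etc/squid/squid.conf.
if command -v squid >/dev/null 2>&1; then
    changelog=$( { rpm -q --changelog squid; zcat /usr/share/doc/squid/changelog.Debian.gz; } 2>/dev/null || true )
    squid_patch_status "$(squid -v 2>/dev/null | head -n 1)" "$changelog" || true
    ftp_denied_in "$(cat /etc/squid/squid.conf 2>/dev/null)" \
        && echo "ftp: denied in /etc/squid/squid.conf" \
        || echo "ftp: not denied (add the FTP_DENY_CONF lines before the first allow rule)"
fi
```

After adding the two configuration lines, check the syntax with `squid -k parse` and apply them with `squid -k reconfigure`. `ftp_denied_in` only confirms that a deny rule for a proto-FTP ACL exists; because http_access rules are matched first to last, the deny must come before any allow rule that would otherwise match the same clients, and that ordering still has to be checked by eye.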

Severity and Risk Assessment

Security vendors currently rate SquidBleed as moderate severity, with a CVSS score of 6.5. That score is consistent with a CVSS 3.1 vector of AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N: reachable over the network by any low-privileged proxy user with no user interaction, high confidentiality impact, and no integrity or availability impact.

Several factors limit the overall risk:

  • Attackers must already have access to the proxy
  • Exploitation requires a controlled FTP server
  • The vulnerability only impacts confidentiality
  • No direct impact on system integrity or availability has been identified

Despite these limitations, organizations operating shared proxy environments should prioritize remediation due to the potential exposure of sensitive authentication data.

AI-Assisted Discovery Highlights Hidden Legacy Bugs

An interesting aspect of the disclosure is the role artificial intelligence played in identifying the vulnerability.

Calif.io credited Anthropic’s Claude Mythos Preview model, developed as part of Project Glasswing, with rapidly identifying the subtle parsing flaw responsible for the issue.

The discovery reflects a growing trend of AI-assisted vulnerability research, where machine learning models help uncover long-overlooked bugs in mature software projects.

Researchers believe Squid’s legacy FTP code may contain additional vulnerabilities, highlighting the challenges of maintaining decades-old codebases that continue to power critical internet infrastructure.

Recommendations for Administrators

Organizations using Squid proxies should take the following actions immediately:

  • Apply the latest available security updates
  • Verify that the SquidBleed fix is actually present in the installed build, by changelog or source inspection rather than by version number alone
  • Disable FTP support if it is not required
  • Review who is permitted to use the proxy; with this bug every authorized user is a potential attacker against every other
  • Monitor proxy access logs for ftp:// requests, particularly to external servers with no business purpose
  • Treat TLS-inspection (SSL-Bump) deployments as exposing decrypted HTTPS traffic to this bug until they are patched

As legacy protocols and aging code continue to create security risks, the SquidBleed vulnerability serves as another reminder that even decades-old software components can become modern cybersecurity threats.
