CVE-2020-37056
Unknown Unknown - Not Provided

IP Spoofing in Crystal Shard http-protection 0.2.0 Enables Bypass

Vulnerability report for CVE-2020-37056, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-01-30

Last updated on: 2026-01-30

Assigner: VulnCheck

Description

Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and gain unauthorized access.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-01-30
Last Modified
2026-01-30
Generated
2026-07-06
AI Q&A
2026-01-31
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
crystal_shard http-protection 0.2.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-290 This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in Crystal Shard http-protection 0.2.0 is an IP spoofing issue where attackers can manipulate request headers such as X-Forwarded-For, X-Client-IP, and X-Real-IP by hardcoding consistent IP values. This manipulation allows them to bypass the protection middleware's security checks.

Impact Analysis

The vulnerability can allow attackers to circumvent security protections and gain unauthorized access to systems or resources by spoofing IP addresses in request headers, potentially leading to data breaches or other security incidents.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37056. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart