CVE-2026-33768
Path Traversal in Astro @astrojs/vercel Enables Auth Bypass
Publication date: 2026-03-24
Last updated on: 2026-03-26
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| astro | @astrojs/vercel | all versions before 10.0.2 (10.0.2 excluded) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-441 | The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request before forwarding the request to an external actor that is outside of the product's control sphere. This causes the product to appear to be the source of the request, leading it to act as a proxy or other intermediary between the upstream component and the external actor. |
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, upgrade @astrojs/vercel (the package that provides the serverless entrypoint) to version 10.0.2 or later, where the issue has been patched.
Can you explain this vulnerability to me?
This vulnerability exists in the @astrojs/vercel adapter for the Astro web framework prior to version 10.0.2, specifically in its serverless entrypoint. The entrypoint reads the x-astro-path request header and the x_astro_path query parameter and uses them to rewrite the internal request path without any authentication or authorization check.
Because of this, on deployments that do not use Edge Middleware, anyone can bypass Vercel's platform-level path restrictions. The rewritten request preserves the original HTTP method and body, so not only GET requests but also POST, PUT, and DELETE requests can be rewritten to restricted paths.
For example, a firewall rule blocking access to /admin/* paths can be bypassed by sending a POST request to /api/health with the query parameter x_astro_path=/admin/delete-user, effectively allowing unauthorized access to restricted endpoints.
This issue was fixed in version 10.0.2 of @astrojs/vercel.
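The explanation above names the two inputs the vulnerable entrypoint honours, the x-astro-path header and the x_astro_path query parameter. The following is an added example, not code from the Astro project or from this advisory: a small Node.js scan over request-log entries that flags any request carrying either rewrite vector and marks those whose resolved target falls under a path prefix the platform is supposed to restrict. The RESTRICTED_PREFIXES list, the log-entry shape ({method, url, headers}) and the sample entries are assumptions constructed for the example.

```javascript
// Added example (not Astro or advisory code): flag requests that carry the
// CVE-2026-33768 rewrite vectors in Vercel-style request-log entries.

// Assumption: prefixes the platform firewall is meant to block (mirrors the
// /admin/* rule in the advisory's example).
const RESTRICTED_PREFIXES = ["/admin/"];

// Return the rewrite target a request carries, if any. The query parameter is
// checked first, then the header (header names are matched case-insensitively).
function rewriteTarget(entry) {
  const url = new URL(entry.url, "http://placeholder.invalid");
  const fromQuery = url.searchParams.get("x_astro_path");
  if (fromQuery !== null) return { source: "query", target: fromQuery };
  for (const [name, value] of Object.entries(entry.headers || {})) {
    if (name.toLowerCase() === "x-astro-path") {
      return { source: "header", target: value };
    }
  }
  return null;
}

// Resolve a target to the path the server would actually see: undo one layer of
// percent-encoding and collapse dot segments, so the restricted-prefix check is
// made on the resolved form rather than on the raw string.
function normalizePath(target) {
  let decoded;
  try {
    decoded = decodeURIComponent(target);
  } catch {
    decoded = target; // malformed encoding: compare the raw value instead
  }
  return new URL(decoded, "http://placeholder.invalid").pathname;
}

// Classify one log entry: null when it carries no rewrite vector, otherwise a
// finding with the resolved target and whether it hits a restricted prefix.
function classify(entry) {
  const rw = rewriteTarget(entry);
  if (!rw) return null;
  const resolved = normalizePath(rw.target);
  const restricted = RESTRICTED_PREFIXES.some((p) => resolved.startsWith(p));
  return { method: entry.method, url: entry.url, ...rw, resolved, restricted };
}

// Scan a batch of entries and keep only the findings.
function scan(entries) {
  return entries.map(classify).filter((f) => f !== null);
}

// Constructed sample entries (not real traffic). The second one reproduces the
// advisory's example of a POST to /api/health rewritten to /admin/delete-user.
const SAMPLE_LOG = [
  { method: "GET", url: "/api/health", headers: {} },
  { method: "POST", url: "/api/health?x_astro_path=/admin/delete-user", headers: {} },
  { method: "GET", url: "/blog", headers: { "X-Astro-Path": "/about" } },
  { method: "PUT", url: "/api/health?x_astro_path=%2Fadmin%2F..%2Fadmin%2Fsettings", headers: {} },
];

if (typeof require !== "undefined" && require.main === module) {
  for (const f of scan(SAMPLE_LOG)) {
    const tag = f.restricted ? "RESTRICTED" : "rewrite";
    console.log(`${tag}: ${f.method} ${f.url} via ${f.source} -> ${f.resolved}`);
  }
}

module.exports = { rewriteTarget, normalizePath, classify, scan, SAMPLE_LOG };
```

On an affected deployment any hit is worth reviewing, since legitimate clients have no reason to set these values; the restricted flag simply orders the findings by how directly they contradict the platform rule. Once @astrojs/vercel is at 10.0.2 or later the same scan still serves as a signal that someone is probing for the issue.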
How can this vulnerability impact me?
This vulnerability can allow an attacker to bypass platform-level path restrictions and access or modify restricted resources without authentication.
Since the vulnerability allows rewriting of internal request paths while preserving the HTTP method and body, attackers can perform unauthorized actions such as deleting users or modifying sensitive data by sending crafted requests.
This can lead to unauthorized information disclosure, data modification, or other malicious activities depending on the protected endpoints that are bypassed.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know