CVE-2026-27700: X Forwarded For Spoofing
greprules fetch cve-2026-27700-x-forwarded-for-spoofing --engine opengrep
Description
Extracting the first IP address from the 'X-Forwarded-For' header can lead to IP spoofing. Load balancers like AWS ALB append the real client IP to the end of the header, leaving earlier values attacker-controlled. Extracting the first element allows an attacker to spoof their IP address by injecting their own 'X-Forwarded-For' header. Use the last IP addres
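The two extraction patterns side by side, as an added example that is not part of the rule or of any affected project's code. The function names, the `trusted_hops` parameter and the sample header are assumptions; `trusted_hops` generalizes the single-load-balancer case in the description to several trusted proxies that each append one entry.

```python
import ipaddress

# Constructed sample: the client sent "X-Forwarded-For: 10.0.0.1" itself,
# then the load balancer appended the address it actually saw (203.0.113.7).
SAMPLE_XFF = ["10.0.0.1, 203.0.113.7"]


def parse_xff(header_values):
    """Flatten one or more X-Forwarded-For header lines into a list of entries."""
    entries = []
    for value in header_values:
        entries.extend(part.strip() for part in value.split(","))
    # Empty elements carry no address; dropping them does not shift the
    # right-hand entries, which are the ones trusted proxies appended.
    return [e for e in entries if e]


def client_ip_first(header_values):
    """Pattern the rule flags: returns the left-most, client-supplied entry."""
    entries = parse_xff(header_values)
    return entries[0] if entries else None


def client_ip_last(header_values, trusted_hops=1):
    """Return the entry appended by the outermost trusted proxy.

    trusted_hops (hypothetical parameter) is the number of proxies in front
    of the application that are known to append to the header. With a single
    load balancer that is 1, i.e. the last entry.
    """
    entries = parse_xff(header_values)
    if trusted_hops < 1 or len(entries) < trusted_hops:
        return None  # header shorter than the trusted chain: do not guess
    candidate = entries[-trusted_hops]
    try:
        # Normalise and reject anything that is not a literal IP address.
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        return None


if __name__ == "__main__":
    print("first entry:", client_ip_first(SAMPLE_XFF))
    print("last entry: ", client_ip_last(SAMPLE_XFF))
```

When either function returns `None`, fall back to the TCP peer address rather than to another header element.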
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided