libsoup
cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*
A vulnerability exists in libsoup's server-side digest authentication within the SoupAuthDomainDigest class. The issue arises because the implementation fails to properly manage nonces and does not enforce the required incrementing nonce-count (nc) attribute. This flaw enables remote attackers to capture a valid authentication header and replay it multiple times, effectively bypassing authentication and gaining unauthorized access to protected resources while impersonating the legitimate user.
Exploiting this vulnerability allows for authentication bypass, enabling unauthorized access to protected resources.
The vulnerability can be reproduced by capturing a valid Authorization header from a user. This header can then be replayed multiple times to bypass authentication and access protected resources as the user.
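The server-side check whose absence is described above, as an added example (not libsoup's code or its fix): a nonce table that accepts a request only if its nc is strictly greater than the last one accepted for that server-issued nonce. The names `nonce_register` and `nonce_check`, the table size, the 300-second lifetime and the sample nonce in `main` are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define MAX_NONCES 64
#define NONCE_TTL  300  /* assumed nonce lifetime in seconds */

typedef struct {
    char nonce[65]; unsigned long last_nc; time_t issued; int used;
} nonce_entry;
static nonce_entry table[MAX_NONCES];

/* Record a nonce the server has just sent in a WWW-Authenticate challenge. */
int nonce_register(const char *nonce, time_t now) {
    for (int i = 0; i < MAX_NONCES; i++) {
        if (!table[i].used || now - table[i].issued > NONCE_TTL) {
            snprintf(table[i].nonce, sizeof table[i].nonce, "%s", nonce);
            table[i].last_nc = 0;
            table[i].issued = now;
            table[i].used = 1;
            return 0;
        }
    }
    return -1;  /* table full: refuse rather than evict a live nonce */
}

/* Call only after the digest response itself has verified, so unauthenticated
 * requests cannot advance the counter. Returns 1 to accept, 0 to reject. */
int nonce_check(const char *nonce, const char *nc_hex, time_t now) {
    /* nc must be exactly 8 hex digits */
    if (strlen(nc_hex) != 8 || strspn(nc_hex, "0123456789abcdefABCDEF") != 8)
        return 0;
    unsigned long nc = strtoul(nc_hex, NULL, 16);
    for (int i = 0; i < MAX_NONCES; i++) {
        nonce_entry *e = &table[i];
        if (!e->used || strcmp(e->nonce, nonce) != 0) continue;
        if (now - e->issued > NONCE_TTL) { e->used = 0; return 0; } /* stale */
        if (nc <= e->last_nc) return 0;  /* same or lower count: replay */
        e->last_nc = nc;
        return 1;
    }
    return 0;  /* nonce was never issued by this server */
}

int main(void) {
    nonce_register("constructed-nonce", 1000);  /* constructed sample value */
    int first = nonce_check("constructed-nonce", "00000001", 1001);
    int replay = nonce_check("constructed-nonce", "00000001", 1002);
    printf("first=%d replay=%d\n", first, replay);
    return 0;
}
```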