Astro Vercel Unauthenticated Path Override Vulnerability Bypassing Vercel Firewall
Vulnerability
A vulnerability in the @astrojs/vercel serverless entrypoint allows for unauthenticated path overrides, bypassing Vercel's platform-level path restrictions. This issue affects versions of @astrojs/vercel prior to 10.0.2. The vulnerability arises because the serverless entrypoint blindly trusts the x-astro-path header and x_astro_path query parameter to rewrite the internal request path, without any authentication. On deployments without Edge Middleware, this oversight can be exploited to access restricted content or API endpoints. The vulnerability is particularly concerning because it allows POST, PUT, and DELETE requests to be directed to overridden paths, effectively bypassing Vercel's Firewall rules.
Impact
Exploitation of this vulnerability can lead to unauthorized access to restricted page content and API responses, as well as the ability to invoke write operations on API endpoints protected by Vercel's path-based Firewall rules.
Reproduction
To reproduce this vulnerability, deploy an Astro application on Vercel without Edge Middleware. Ensure that the application uses the @astrojs/vercel adapter and that the Vercel Firewall is configured to block access to certain paths, such as those under /admin/. Once the application is deployed, send a request to an API endpoint that is supposed to be protected by the Firewall, using either the x-astro-path header or the x_astro_path query parameter to override the path. The response should indicate that the request was successfully processed, demonstrating the bypass.
Remediation
Users can update to @astrojs/vercel version 10.0.2 or later, where this vulnerability has been patched.