AI description
CVE-2025-31137 is a vulnerability found in React Router, specifically affecting Remix 2 and React Router 7 users utilizing the Express adapter. This flaw allows attackers to manipulate the URL pathname by exploiting the Host or X-Forwarded-Host headers in HTTP requests. By inserting a URL pathname in the port section of these headers, attackers can spoof the URL used in incoming requests. This vulnerability can lead to various exploits, including cache poisoning denial of service (CPDoS), WAF bypass, and escalated XSS attacks. The issue stems from the lack of port sanitization in React Router's Express adapter when handling the Host and X-Forwarded-Host headers. The vulnerability has been addressed in Remix 2.16.3 and React Router 7.4.1.
- Description
- React Router is a multi-strategy router for React bridging the gap from React 18 to React 19. There is a vulnerability in Remix/React Router that affects all Remix 2 and React Router 7 consumers using the Express adapter. Basically, this vulnerability allows anyone to spoof the URL used in an incoming Request by putting a URL pathname in the port section of a URL that is part of a Host or X-Forwarded-Host header sent to a Remix/React Router request handler. This issue has been patched and released in Remix 2.16.3 and React Router 7.4.1.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 3.0
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-444
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
36
React Routerの脆弱性がキャッシュポイズニングやWAFバイパス攻撃に悪用される危険性(CVE-2025-31137) #セキュリティ対策Lab #セキュリティ #Security https://t.co/7bC9tNuxe3
@securityLab_jp
4 Apr 2025
40 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
Critical React Router flaw (CVE-2025-31137) exposes web apps to cache poisoning & WAF bypass—patch immediately to prevent data manipulation. Details: https://t.co/Tg3bRjSR68 #WebSecurity #Vulnerability
@adriananglin
3 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New paper on a vulnerability discovered in React Router, resulting from a collaboration between @zhero___ and @inzo____, which led to CVE-2025-31137: 'React Router and the Remix'ed Path. https://t.co/Wdo4g77aV8 https://t.co/k1dyS9WOpx
@iamunixtz
2 Apr 2025
1448 Impressions
2 Retweets
52 Likes
8 Bookmarks
0 Replies
0 Quotes
new paper on a vulnerability discovered in React Router, resulting from a collaboration with @inzo____ that led to CVE-2025-31137; React Router and the Remix'ed path https://t.co/LMiqASwZnf good reading https://t.co/VgVIDrILH2
@zhero___
2 Apr 2025
18794 Impressions
94 Retweets
455 Likes
166 Bookmarks
25 Replies
7 Quotes