CVE-2026-22726— Route Services Firewall Bypass

Route Services Firewall Bypass

Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure a route-service that would allow it to send requests to HTTP services on internal networks reachable by the Gorouter, which may not have previously had direct access from outside networks, or from the application. Routing release: affected from v0.118.0 through v0.371.0 (inclusive); upgrade to v0.372.0 or greater. CF Deployment: affected from v0.0.2 through v54.14.0 (inclusive); upgrade to v55.0.0 or greater (includes routing_release v0.372.0).

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

通信信道对预期端点的不适当限制

CloudFoundry CF Deployment 和CloudFoundry Routing release 安全漏洞

CloudFoundry CF Deployment 和CloudFoundry Routing release都是CloudFoundry基金会的产品。CloudFoundry CF Deployment 是一个代码部署组件。CloudFoundry Routing release是一个应用路由组件集合。 CloudFoundry CF Deployment 和CloudFoundry Routing release存在安全漏洞，该漏洞源于路由服务可被利用将应用流量发送到配置的出口规则之外的网络目标，允

N/A

N/A