EXECUTIVE SUMMARY:
An information disclosure vulnerability, CVE-2025-62168, in Squid Proxy allows HTTP authentication credentials and internal security tokens to be leaked via improperly redacted error responses. This potentially enables remote attackers to bypass browser protections, harvest sensitive credentials used by trusted clients and backend services, impersonate users, and pivot into protected networks. The flaw affects Squid versions up to and including and is intensified when debug data is included in administrator mailto links. It is fully addressed in Squid, which implements robust credential redaction. Immediate mitigation is to apply the supplied patch or to disable the email_err_data feature in squid.conf by setting email_err_data off. The vulnerability has a CVSS score of 10.0.
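To confirm the email_err_data mitigation on a host, the following added example (not taken from the advisory or from the Squid project) reports the effective setting in a given squid.conf. The function names are hypothetical; it assumes the last occurrence of the directive is the effective one and does not follow include files.

```shell
#!/bin/sh
# Added example: audit a squid.conf for the email_err_data mitigation.
# Assumptions: Squid's documented default is "on" when the directive is
# absent; the last occurrence in the file is treated as the effective one;
# files pulled in with "include" are not followed and need their own check.

# Print the effective value ("on" or "off") for the config file in $1.
email_err_data_state() {
    awk '
        { sub(/#.*/, "") }                        # drop comments
        $1 == "email_err_data" { v = tolower($2) } # remember the latest value
        END { if (v == "off") print "off"; else print "on" }
    ' "$1"
}

# Return 0 if mitigated, 1 if exposed, 2 if the file cannot be read.
check_squid_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    if grep -Eq '^[[:space:]]*include[[:space:]]' "$conf"; then
        echo "note: $conf uses include; check those files too" >&2
    fi
    if [ "$(email_err_data_state "$conf")" = "off" ]; then
        echo "OK: email_err_data is off in $conf"
        return 0
    fi
    echo "EXPOSED: email_err_data is on (explicitly or by default) in $conf"
    return 1
}

# Usage (path is an assumption; adjust to the local install):
#   check_squid_conf /etc/squid/squid.conf
```

A file that never mentions the directive is reported as exposed, because the feature is enabled by default.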
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details: