CVE-2025-62168 – Squid Proxy Token Leak Detection

This script detects systems potentially exposed to CVE-2025-62168, a critical Squid vulnerability where error pages may unintentionally include full HTTP request headers when email_err_data is enabled. Affected Squid versions prior to 7.2 can leak sensitive values such as authentication tokens or API keys, allowing attackers to obtain credentials used by trusted clients. The script verifies the Squid version, checks configuration behavior and determines whether conditions for exposure are met. No remediation is performed automatically; administrators must update or adjust settings manually. Compatible with Ubuntu, Debian, Kali, RHEL, CentOS, AlmaLinux, Rocky Linux, Fedora and similar distributions.

Видео CVE-2025-62168 – Squid Proxy Token Leak Detection канала Consultor vCISO