
CVE-2020-37056:

IP spoofing vulnerability in Crystal Shard http-protection 0.2.0 allows attackers to bypass security checks.


Score: 9.8 Critical

  • Published Date: Jan 30, 2026
  • CISA KEV Date: *No Data*
  • Industries Affected: 20

Threat Predictions

  • EPSS Score: 0.0
  • EPSS Percentile: 12%

Exploitability

  • Score: 3.9
  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED

Impact

  • Score: 5.9
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH


Overview

The vulnerability in Crystal Shard http-protection 0.2.0 stems from insufficient validation of client IP addresses. The protection middleware relies on client-supplied request headers to determine the origin of a request, but fails to validate or cross-check that information against the actual connection. This oversight allows an attacker to spoof their IP address by setting consistent values across multiple headers, effectively bypassing the intended security measures. The vulnerability is particularly concerning because it requires no special privileges or user interaction to exploit and can be executed remotely over a network. With a CVSS v3.1 base score of 9.8 (Critical), it poses a significant risk to systems that rely on http-protection for security.

Remediation

To address this vulnerability, system administrators and developers should take the following steps:

  1. Update to the latest version of Crystal Shard http-protection if a patched version is available.
  2. Implement additional IP validation mechanisms that do not solely rely on easily manipulated headers.
  3. Consider using a web application firewall (WAF) or other security solutions that can detect and prevent IP spoofing attempts.
  4. Regularly audit and test the effectiveness of IP-based security measures.
  5. Implement a defense-in-depth strategy that doesn't rely exclusively on IP-based protection.
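The following is an added illustration of the flaw described in the Overview and of remediation step 2; it is not code from the http-protection shard. It contrasts a resolver that believes whatever address a client puts in forwarding headers with one that only honours those headers when the TCP peer is a known reverse proxy, and then takes the rightmost hop the proxy appended. The proxy range, the allowlist, the header names and the request samples are all constructed for the example.

```python
"""Client-IP resolution: header-trusting (weak) versus trusted-proxy (hardened).

Added example, not the shard's code. Networks, headers and requests below
are constructed for illustration.
"""
import ipaddress
from typing import Iterable, Mapping

# Constructed: the reverse proxy we operate is the only peer allowed to
# append forwarding headers on the client's behalf.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed allowlist enforced by an IP-based protection rule.
ALLOWED_CLIENTS = [ipaddress.ip_network("192.0.2.0/24")]

# Headers a naive implementation might consult (assumed names).
IP_HEADERS = ("X-Forwarded-For", "X-Real-IP", "Client-IP")


def _in_networks(addr: ipaddress._BaseAddress, nets: Iterable) -> bool:
    return any(addr in net for net in nets)


def naive_client_ip(remote_addr: str, headers: Mapping[str, str]) -> str:
    """Weak pattern: believe the first address found in any client-supplied header.

    Whoever opens the TCP connection controls every one of these headers, so
    this lets a direct client claim any origin it likes."""
    for name in IP_HEADERS:
        value = headers.get(name)
        if value:
            return value.split(",")[0].strip()
    return remote_addr


def trusted_client_ip(remote_addr: str, headers: Mapping[str, str]) -> str:
    """Hardened pattern: forwarding headers count only when the TCP peer is our
    proxy, and then only the rightmost hop that is not itself a trusted proxy.

    Fails closed: on a direct connection, or if the chain is malformed or
    consists only of our proxies, the peer address itself is returned."""
    peer = ipaddress.ip_address(remote_addr)
    if not _in_networks(peer, TRUSTED_PROXIES):
        return remote_addr  # direct connection: headers are peer-controlled
    xff = headers.get("X-Forwarded-For", "")
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    # Walk from the right, the end our proxy appended to; skip our own proxies.
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: stop trusting the chain entirely
        if not _in_networks(addr, TRUSTED_PROXIES):
            return str(addr)
    return remote_addr


def is_allowed(client_ip: str) -> bool:
    """Allowlist check applied to whatever address the resolver produced."""
    try:
        return _in_networks(ipaddress.ip_address(client_ip), ALLOWED_CLIENTS)
    except ValueError:
        return False


# Constructed requests. 'direct_spoof' is a client connecting straight to the
# app and setting the same allowlisted address in several headers, the pattern
# the advisory describes; 'via_proxy' is a real allowlisted client behind our
# proxy; 'proxy_injected' is a non-allowlisted client behind our proxy that
# planted a forged leftmost hop, with the proxy appending the true peer.
SAMPLES = {
    "direct_spoof": ("198.51.100.7", {h: "192.0.2.10" for h in IP_HEADERS}),
    "via_proxy": ("10.0.0.5", {"X-Forwarded-For": "192.0.2.10"}),
    "proxy_injected": ("10.0.0.5", {"X-Forwarded-For": "192.0.2.10, 203.0.113.9"}),
}


def evaluate(name: str) -> dict:
    """Resolve one sample both ways and report the allowlist decision of each."""
    remote, headers = SAMPLES[name]
    naive = naive_client_ip(remote, headers)
    trusted = trusted_client_ip(remote, headers)
    return {
        "naive_ip": naive, "naive_allowed": is_allowed(naive),
        "trusted_ip": trusted, "trusted_allowed": is_allowed(trusted),
    }


if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, evaluate(sample))
```

The design choice that matters is the direction of the walk: a proxy appends the peer it saw to the right end of X-Forwarded-For, so anything further left was supplied by the client and is untrusted; a resolver that reads the leftmost entry, or reads any header on a direct connection, is the weakness the advisory describes.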

Industries Affected

Below is a list of industries most commonly impacted or potentially at risk based on intelligence.

Low

  • Mining
  • Utilities
  • Information
  • Construction
  • Retail Trade
  • Manufacturing
  • Wholesale Trade
  • Educational Services
  • Finance and Insurance
  • Public Administration
  • Real Estate Rental and Leasing
  • Transportation and Warehousing
  • Accommodation and Food Services
  • Health Care and Social Assistance
  • Arts, Entertainment, and Recreation
  • Management of Companies and Enterprises
  • Agriculture, Forestry, Fishing and Hunting
  • Other Services (except Public Administration)
  • Professional, Scientific, and Technical Services
  • Administrative and Support and Waste Management and Remediation Services
