THREATOPS
THREAT OPSThreat News › [GHSA] GHSA-g936-7jqj-mwv8 (critical) — TSDProxy: Internal proxy auth token forwarded to backend services enables management API escalation

[GHSA] GHSA-g936-7jqj-mwv8 (critical) — TSDProxy: Internal proxy auth token forwarded to backend services enables management API escalation

medgithub_advisoriesPublished 2026-07-10

GHSA-g936-7jqj-mwv8 Severity: critical CVE: None

TSDProxy: Internal proxy auth token forwarded to backend services enables management API escalation

## Description

A vulnerability was discovered in TSDProxy where it forwards its internal per-process authentication token to all proxied backend services. When `identityHeaders` is enabled (the default), tsdproxy injects `x-tsdproxy-auth-token` int

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://github.com/advisories/GHSA-g936-7jqj-mwv8