6.5

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-66202

CVE-2025-66202: Astro has an Authentication Bypass via Double URL Encoding, a bypass for CVE-2025-64765

Authentication Bypass via Double URL Encoding in Astro

Bypass for CVE-2025-64765 / GHSA-ggxq-hp9w-j794

Summary

A double URL encoding bypass allows any unauthenticated attacker to bypass path-based authentication checks in Astro middleware, granting unauthorized access to protected routes. While the original CVE-2025-64765 (single URL encoding) was fixed in v5.15.8, the fix is insufficient as it only decodes once. By using double-encoded URLs like /%2561dmin instead of /%61dmin, attackers can still bypass authentication and access protected resources such as /admin, /api/internal, or any route protected by middleware pathname checks.

Fix

A more secure fix is just decoding once, then if the request has a %xx format, return a 400 error by using something like :

if (containsEncodedCharacters(pathname)) {
            // Multi-level encoding detected - reject request
            return new Response(
                'Bad Request: Multi-level URL encoding is not allowed',
                {
                    status: 400,
                    headers: { 'Content-Type': 'text/plain' }
                }
            );
        }

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-66202

CVE-2025-66202:

6.5

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
astro	npm	< 5.15.8	5.15.8

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability is an authentication bypass caused by improper handling of double URL-encoded characters in the request path. The provided patch was intended to fix a similar vulnerability (CVE-2025-64765) by decoding the URL pathname once before it is passed to the application's middleware for authorization checks. However, this fix is insufficient.

An attacker can bypass this single-decode mechanism by double-encoding the URL. For example, a request for a protected route like /admin can be sent as /%2561dmin.

The vulnerable functions, RenderContext.#createNormalizedUrl (for production SSR) and handleRequest (for the development server), receive the double-encoded path.
They apply decodeURI() once, transforming /%2561dmin into /%61dmin.
This partially-decoded path is then passed to the Astro middleware.
The middleware compares /%61dmin against the protected path /admin, the check fails, and the middleware incorrectly allows the request to proceed.
The request is then passed to the underlying web server, which performs another decoding step, resolves the path to /admin, and serves the protected content, resulting in an authentication bypass.

The identified functions are the precise locations where this flawed, single-pass decoding occurs, making them the root cause of the vulnerability.

Vulnerable functions

RenderContext.#createNormalizedUrl

packages/astro/src/core/render-context.ts

This function was introduced to fix a path traversal vulnerability by decoding the URL pathname. However, it only performs a single decoding. An attacker can bypass this by double-encoding the URL (e.g., `/%2561dmin` for `/admin`). The function decodes this to `/%61dmin`, which doesn't match the protected path in the middleware, but is later fully decoded by the server, granting unauthorized access. This function is called by the RenderContext constructor, as well as the `rewrite` and `handle` methods.

handleRequest

packages/astro/src/vite-plugin-astro-server/request.ts

This function handles requests in the Astro development server. The patch to fix a previous vulnerability introduced a single URL decoding of the pathname. This is insufficient and can be bypassed with a double-encoded URL, leading to an authentication bypass. An attacker can access protected routes by sending a request like `/%2561dmin`, which is decoded to `/%61dmin` and bypasses middleware checks before being fully decoded by the server.

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

6.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-66202: Astro has an Authentication Bypass via Double URL Encoding, a bypass for CVE-2025-64765

Authentication Bypass via Double URL Encoding in Astro

Bypass for CVE-2025-64765 / GHSA-ggxq-hp9w-j794

Summary

Fix

CVE-2025-66202:

6.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2025-66202: Astro has an Authentication Bypass via Double URL Encoding, a bypass for CVE-2025-64765

Authentication Bypass via Double URL Encoding in Astro

Bypass for CVE-2025-64765 / GHSA-ggxq-hp9w-j794

Summary

Fix

6.5

6.5

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI