Vendor

Kuadrant

1 brief RSS

MCP Gateway Authority Injection and JWT/Session Bypass via Unauthenticated Router Hairpin

The MCP router exposes an initialize method code path that bypasses the gateway JWT session validator and rewrites the upstream :authority header, gated only by a shared header value, allowing attackers to bypass authorization and access backend services.

mcp-gateway authentication-bypass authorization-bypass jwt-bypass

2r 2t 1d ago