Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
4DescriptionGitHub Advisory
Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. From versions 1.3.0 to before 1.15.14, 1.16.0-rc.1 to before 1.16.14, and 1.17.0-rc.1 to before 1.17.5, a vulnerability has been found in Dapr that allows bypassing access control policies for service invocation using reserved URL characters and path traversal sequences in method paths. The ACL normalized the method path independently from the dispatch layer, so the ACL evaluated one path while the target application received a different one. This issue has been patched in versions 1.15.14, 1.16.14, and 1.17.5.
AnalysisAI
Path traversal in Dapr runtime versions 1.3.0-1.15.13, 1.16.0-rc.1-1.16.13, and 1.17.0-rc.1-1.17.4 allows authenticated attackers to bypass service invocation access control policies by exploiting URL encoding mismatches between ACL evaluation and request dispatch layers. Attackers can use encoded path traversal sequences (e.g., admin%2F..%2Fpublic) or reserved URL characters (%23 for fragment, %3F for query) to authorize one path while delivering a different path to the target application. The gRPC API is more dangerous as it passes method strings raw without client-side sanitization. Vendor-released patches are available in versions 1.15.14, 1.16.14, and 1.17.5 (GitHub PR #9589). No public exploit code or CISA KEV listing identified at time of analysis.
Technical ContextAI
Dapr is a distributed application runtime providing service invocation, state management, and pub/sub capabilities for cloud and edge environments. The vulnerability stems from CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) in the service invocation ACL mechanism. Dapr's ACL layer used purell.NormalizeURLString to normalize method paths before policy evaluation, which decoded percent-encoded sequences, resolved path traversal (../), and stripped URL fragment (#) and query (?) delimiters. However, the HTTP dispatch layer used raw method strings without equivalent normalization, creating a semantic gap. The gRPC API exacerbated the issue by passing method strings literally with no client-side sanitization of reserved characters. This inconsistency meant ACL policy evaluated a sanitized path (e.g., 'public') while the target application received the raw encoded path (e.g., 'admin/../public'), effectively bypassing access control. The fix (PR #9589) standardized URL construction using Go's net/url.Parse, setting RawPath and EscapedPath() to preserve reserved characters and prevent reinterpretation of
as fragment or ? as query syntax.
RemediationAI
Upgrade Dapr immediately to patched version 1.15.14 (if running 1.3.0-1.15.13), 1.16.14 (if running 1.16.x), or 1.17.5 (if running 1.17.x). Patch details are in GitHub PR #9589 (https://github.com/dapr/dapr/pull/9589) and vendor advisory GHSA-85gx-3qv6-4463 (https://github.com/dapr/dapr/security/advisories/GHSA-85gx-3qv6-4463). If immediate patching is not possible, implement compensating controls: (1) Restrict network access to Dapr HTTP and gRPC APIs to trusted clients only using network policies or firewall rules-this reduces attacker surface but limits microservice flexibility; (2) Review and tighten service invocation ACL policies to use explicit allow-lists with no deny-prefix-only rules-however, this does not fully mitigate the normalization mismatch; (3) Deploy a reverse proxy or API gateway in front of Dapr sidecars to normalize and validate method paths before they reach Dapr-this adds latency and operational complexity. None of these workarounds are substitutes for patching, as the root cause normalization mismatch persists.
Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. Rated high severi
Authentication bypass via OIDC discovery poisoning in Dapr Sentry allows a remote unauthenticated attacker to inject an
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28553
GHSA-85gx-3qv6-4463