Description

claude-code-router is a powerful tool to route Claude Code requests to different models and customize any request. Due to improper Cross-Origin Resource Sharing (CORS) configuration, there is a risk that user API Keys or equivalent credentials may be exposed to untrusted domains. Attackers could exploit this misconfiguration to steal credentials, abuse accounts, exhaust quotas, or access sensitive data. The issue has been patched in v1.0.34.

INFO

Published Date :

2025-08-21T16:21:33.485Z

Last Modified :

2025-08-21T17:31:44.119Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-57755 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-57755.

URL Resource
https://github.com/musistudio/claude-code-router/security/advisories/GHSA-8hmm-4crw-vm2c cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability