diff --git a/apps/settings/lib/SetupChecks/ForwardedForHeaders.php b/apps/settings/lib/SetupChecks/ForwardedForHeaders.php
index e383128dcadda..b1147489f44b3 100644
--- a/apps/settings/lib/SetupChecks/ForwardedForHeaders.php
+++ b/apps/settings/lib/SetupChecks/ForwardedForHeaders.php
@@ -72,16 +72,16 @@ public function run(): SetupResult {
 );
 }
- if (\in_array($remoteAddress, $trustedProxies, true) && ($remoteAddress !== '127.0.0.1')) {
- if ($remoteAddress !== $detectedRemoteAddress) {
- /* Remote address was successfuly fixed */
- return SetupResult::success($this->l10n->t('Your IP address was resolved as %s', [$detectedRemoteAddress]));
- } else {
- return SetupResult::warning(
- $this->l10n->t('The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud.'),
- $this->urlGenerator->linkToDocs('admin-reverse-proxy')
- );
- }
+ if ($remoteAddress !== $detectedRemoteAddress && $remoteAddress !== '127.0.0.1') {
+ /* Remote address was successfully resolved via trusted proxy */
+ return SetupResult::success($this->l10n->t('Your IP address was resolved as %s', [$detectedRemoteAddress]));
+ }
+
+ if (!empty($trustedProxies) && $remoteAddress === $detectedRemoteAddress && $remoteAddress !== '' && $remoteAddress !== '127.0.0.1') {
+ return SetupResult::warning(
+ $this->l10n->t('The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud.'),
+ $this->urlGenerator->linkToDocs('admin-reverse-proxy')
+ );
 }
 /* Either not enabled or working correctly */
diff --git a/tests/lib/AppFramework/Http/RequestTest.php b/tests/lib/AppFramework/Http/RequestTest.php
index ec67ddeb0add2..5e10d0e94f351 100644
--- a/tests/lib/AppFramework/Http/RequestTest.php
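Review bot: The rewritten warning branch no longer checks that `$remoteAddress` belongs to `$trustedProxies`; it fires whenever the list is non-empty and the detected address equals the peer address. A request that reaches the server directly from an address outside every trusted range would therefore get the "accessing Nextcloud from a trusted proxy" warning, which the condition does not establish. Dropping the exact-match `in_array` is the right move for CIDR entries, but the membership test should be replaced by a CIDR-aware one rather than removed, so the warning stays tied to connections that really arrive from a trusted proxy. The success branch now depends on the request layer honouring forwarded headers only for trusted peers; a comment such as `/* A differing address means a forwarded header was honoured, which is expected only for trusted proxies */` would make that assumption explicit. `run()` starts and ends outside this hunk, and the loopback exclusion still covers `127.0.0.1` only.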
+++ b/tests/lib/AppFramework/Http/RequestTest.php
@@ -639,16 +639,25 @@ public static function dataGetRemoteAddress(): array {
 ],
 '192.168.0.233',
 ],
- 'IPv4 matching CIDR of trusted proxy' => [
- [
- 'REMOTE_ADDR' => '192.168.3.99',
- 'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4',
- 'HTTP_X_FORWARDED_FOR' => '192.168.0.233',
- ],
- ['192.168.2.0/24'],
- ['HTTP_X_FORWARDED_FOR'],
- '192.168.3.99',
- ],
+\t\t\t'IPv4 matching CIDR of trusted proxy' => [
+\t\t\t\t[
+\t\t\t\t\t'REMOTE_ADDR' => '192.168.3.99',
+\t\t\t\t\t'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4',
+\t\t\t\t\t'HTTP_X_FORWARDED_FOR' => '192.168.0.233',
+\t\t\t\t],
+\t\t\t\t['192.168.2.0/24'],
+\t\t\t\t['HTTP_X_FORWARDED_FOR'],
+\t\t\t\t'192.168.3.99',
+\t\t\t],
+\t\t\t'IPv4 matching large CIDR (/12) of trusted proxy' => [
+\t\t\t\t[
+\t\t\t\t\t'REMOTE_ADDR' => '172.21.0.7',
+\t\t\t\t\t'HTTP_X_FORWARDED_FOR' => '10.0.0.42',
+\t\t\t\t],
+\t\t\t\t['172.16.0.0/12'],
+\t\t\t\t['HTTP_X_FORWARDED_FOR'],
+\t\t\t\t'10.0.0.42',
+\t\t\t],
 'IPv6 matching CIDR of trusted proxy' => [
 [
 'REMOTE_ADDR' => '2001:db8:85a3:8d3:1319:8a21:370:7348',
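Review bot: The added data-provider lines begin with the literal characters `\t` rather than real tabs, at least as this page shows them, and the existing 'IPv4 matching CIDR of trusted proxy' case is removed and re-added with only that prefix differing. If the file really contains backslash-t sequences the provider will not parse, so the indentation should be restored to tabs and the diff reduced to the new `/12` case alone. The new case shows a peer inside `172.16.0.0/12` having its `X-Forwarded-For` value honoured; a sibling case with a peer just outside the range (a constructed example would be `172.32.0.7`, expected result the `REMOTE_ADDR` itself) would pin the boundary of the trust decision. Nothing visible in this diff exercises the two rewritten branches of the setup check, and `dataGetRemoteAddress()` continues outside the hunk.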