
CVE-2019-20372

Published: 09/01/2020 Updated: 06/04/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

NGINX prior to 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of a malicious user to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

Vulnerability Trend

Vulnerable Products

f5 nginx

apple xcode

canonical ubuntu linux 14.04

opensuse leap 15.1

netapp cloud backup

Vendor Advisories

Synopsis: Moderate: rh-nginx116-nginx security update. Type/Severity: Security Advisory: Moderate. Topic: An update for rh-nginx116-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System ...
Synopsis: Moderate: nginx:116 security update. Type/Severity: Security Advisory: Moderate. Topic: An update for the nginx:116 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVS ...
Debian Bug report logs - #948579 nginx: CVE-2019-20372. Package: src:nginx; Maintainer for src:nginx is Debian Nginx Maintainers <pkg-nginx-maintainers@alioth-lists.debian.net>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Fri, 10 Jan 2020 13:09:04 UTC; Severity: important; Tags: security, upstream; Found ...
nginx could be made to expose sensitive information over the network ...
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer (CVE-2019-20372) ...

Github Repositories

nginx http request smuggling error_page directive

CVE-2019-20372. This repository is for educational purposes only. /server: vulnerable server, run /server.sh. /exploit.py: exploit script, run python3 exploit.py. Important! blkcipher.pl/assets/pdfs/2019-12-10-error_page_request_smuggling.pdf, github.com/vuongnv3389-sec/CVE-2019-20372. Why this repo? Because Burp doesn't catch the second response. vuongnv3389-sec

HTTP Smuggling Lab. This is a mini lab to demonstrate a PoC with vulnerability CVE-2019-20372 in Nginx 1.17.6 (HTTP SMUGGLING). References: nvd.nist.gov/vuln/detail/cve-2019-20372, access.redhat.com/security/cve/cve-2019-20372, cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372, www.cvedetails.com/cve/CVE-2019-20372/

My CTF Challenges (Balsn CTF). 2023: 1linenginx (Web) - Exploiting CVE-2019-20372 for Client-Side Desync leading to XSS in NGINX, solved 6/500. 2022: 2linenodejs (Web) - Finding internal Prototype Pollution gadget in node:1880 to RCE, solved 13/584. 2021: 0linephp (Web) L

nginx0-smuggler (CVE-2019-20372). Note: Do not use this on a server you don't own or don't have permission to test on. NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. docker container to recr