Published: 08/09/2021 Updated: 17/09/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

An integer overflow exists in HAProxy 2.0 up to and including 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an malicious user to bypass all configured http-request HAProxy ACLs and possibly other ACLs.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

haproxy haproxy

haproxy haproxy 2.5

debian debian linux 11.0

Vendor Advisories

Ori Hollander reported that missing header name length checks in the htx_add_header() and htx_add_trailer() functions in HAProxy, a fast and reliable load balancing reverse proxy, could result in request smuggling attacks or response splitting attacks Additionally this update addresses #993303 introduced in DSA 4960-1 causing HAProxy to fail servi ...
No description is available for this CVE ...
A bug has been found in the HTTP header name length encoding in the HTX representation of haproxy, by which the most significant bit of the name's length can slip into the value's least significant bit A remote attacker could craft a valid request that could inject a dummy content-length on input that would be produced on output in addition to the ...

Github Repositories

CVE-2021-40346 CVE-2021-40346 PoC (HAProxy HTTP Smuggling)


Nginx Nginx 场景绕过之一: URL white spaces + Gunicorn Nginx 场景绕过之二:proxy_pass 中的斜杠 (trailing slash) 与 编码 Squid Squid 场景绕过之一: URN bypass ACL HAProxy HAProxy 场景绕过之一: CVE-2021-40346 Content-Length 整型溢出与HTTP Request Smuggling

CVE-2021-40346-POC CVE-2021-40346 integer overflow enables http smuggling 整数溢出导致的http请求走私 Build git clone githubcom/donky16/CVE-2021-40346-POCgit cd CVE-2021-40346-POC docker-compose build docker-compose up -d Exploit

漏洞百出 Topics 20 星球最新20条Topic - 更新于 2021-09-16 10:11:36 作者 内容 发表时间 CoolCat 星球链接: 581288518425814 简要内容: 无文章标题: 无首个文件: 记一个黑盒挖到的C#程序反序列化漏洞pdf 2021-09-15 19:14:49 chybeta 星球链接: 218511515814811 简要内容: 利用hop-by-hop绕过:结合CVE-2021-33197文章