Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-444

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Parent: CWE-436 - Interpretation Conflict

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

315 vulnerabilities with CWE-444

CVE-2019-15605 CRITICAL

Nodejs Node.js < 10.19.0 - HTTP Request Smuggling

CVE-2019-20445 CRITICAL

Netty < 4.1.44 - HTTP Request Smuggling

CVE-2019-20444 CRITICAL

Netty < 4.1.44 - HTTP Request Smuggling

CVE-2019-16792 HIGH

Waitress <1.3.1 - SSRF

CVE-2019-20372 MEDIUM

F5 Nginx < 1.17.7 - HTTP Request Smuggling

CVE-2019-16789 HIGH

Waitress <1.4.0 - HTTP Request Smuggling

CVE-2019-16786 HIGH

Waitress <1.3.1 - Info Disclosure

CVE-2019-16785 HIGH

Waitress <1.3.1 - Info Disclosure

CVE-2019-18678 MEDIUM

Squid 3.x-4.8 - SSRF

CVE-2019-18277 HIGH

Haproxy < 2.0.6 - HTTP Request Smuggling

CVE-2019-15272 MEDIUM

Cisco Unified Communications Manager - HTTP Request Smuggling

CVE-2019-16276 HIGH

Go <1.12.10, <1.13.1 - SSRF

CVE-2019-16869 HIGH

Netty <4.1.42 - HTTP Request Smuggling

CVE-2019-1020012 HIGH

parse-server <3.4.1 - DoS

CVE-2019-0197 MEDIUM

Apache HTTP Server < 2.4.38 - HTTP Request Smuggling

CVE-2018-21245 CRITICAL

Apsis Pound < 2.8 - HTTP Request Smuggling

CVE-2018-4030 HIGH

Getcujo Smart Firewall - HTTP Request Smuggling

CVE-2018-8004 MEDIUM

Apache Traffic Server <6.2.2, <7.1.3 - SSRF

CVE-2018-3908 HIGH

Samsung Sth-eth-250 Firmware - HTTP Request Smuggling

CVE-2018-3909 HIGH

Samsung Sth-eth-250 Firmware - HTTP Request Smuggling

CVE-2018-3907 CRITICAL

Samsung Sth-eth-250 Firmware - HTTP Request Smuggling

CVE-2018-7068 MEDIUM

HP Centralview Fraud Risk Management < 6.1 - HTTP Request Smuggling

CVE-2017-12165 LOW

Undertow <1.4.17, <1.3.31, <2.0.0 - HTTP Request Smuggling

CVE-2017-2666 MEDIUM

Redhat Undertow < 1.3.31 - HTTP Request Smuggling

CVE-2017-7658 CRITICAL

Eclipse Jetty Server <9.2.x-9.4.x - Info Disclosure

Previous Page 12 of 13 Next

Details

Vulnerabilities 315

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy