Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-444

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Parent: CWE-436 - Interpretation Conflict

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

315 vulnerabilities with CWE-444

CVE-2023-46121 MEDIUM

yt-dlp <2023.11.14 - SSRF

CVE-2023-47641 LOW

Aiohttp < 3.8.0 - HTTP Request Smuggling

CVE-2023-47627 MEDIUM

Aiohttp < 3.8.6 - HTTP Request Smuggling

CVE-2023-46846 CRITICAL

CVE-2023-46137 MEDIUM

Twisted <23.10.0rc1 - Info Disclosure

CVE-2023-30910 MEDIUM

HPE Msa 1060 Storage Firmware < in210r004 - HTTP Request Smuggling

CVE-2023-41265 CRITICAL KEV

Qlik Sense - HTTP Request Smuggling

CVE-2023-40175 HIGH

Puma < 5.6.7 - HTTP Request Smuggling

CVE-2023-40225 HIGH

Haproxy < 2.0.32 - HTTP Request Smuggling

CVE-2023-33934 CRITICAL

Apache Traffic Server <9.2.1 - Info Disclosure

CVE-2023-38697 MEDIUM

Falcon - Info Disclosure

CVE-2023-34037 MEDIUM

VMware Horizon Server - HTTP Smuggling

CVE-2023-35944 HIGH

Envoy <1.27.0-1.23.12 - Info Disclosure

CVE-2023-37276 MEDIUM

Aiohttp < 3.8.4 - HTTP Request Smuggling

CVE-2023-33987 HIGH

SAP Web Dispatcher <7.90 - Unauthenticated RCE

CVE-2023-26137 HIGH

drogonframework/drogon - SSRF

CVE-2023-33193 CRITICAL

Emby Server - Privilege Escalation

CVE-2023-27238 CRITICAL

LavaLite CMS <9.0.0 - SSRF

CVE-2023-25950 HIGH

Haproxy < 2.6.7 - HTTP Request Smuggling

CVE-2023-27493 HIGH

Envoy < 1.22.9 - HTTP Request Smuggling

CVE-2023-27491 MEDIUM

Envoy < 1.22.9 - HTTP Request Smuggling

CVE-2023-29141 CRITICAL

MediaWiki <1.35.10, <1.36, <1.38.6, <1.39.3 - Info Disclosure

CVE-2023-27522 HIGH

Apache HTTP Server < 2.4.56 - HTTP Request Smuggling

CVE-2023-25690 CRITICAL

Apache HTTP Server < 2.4.55 - HTTP Request Smuggling

CVE-2023-25725 CRITICAL

Haproxy < 2.0.31 - HTTP Request Smuggling

Previous Page 6 of 13 Next

Details

Vulnerabilities 315

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy