Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-444

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Parent: CWE-436 - Interpretation Conflict

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

315 vulnerabilities with CWE-444

CVE-2023-23691 HIGH

Dell Powervault Me5012 Firmware < me5.1.1.0.5 - HTTP Request Smuggling

CVE-2022-39163 MEDIUM

IBM Cognos Controller < 11.0.1 - HTTP Request Smuggling

CVE-2022-36760 CRITICAL

Apache HTTP Server < 2.4.55 - HTTP Request Smuggling

CVE-2022-41721 HIGH

MaxBytesHandler - SSRF

CVE-2022-35256 MEDIUM

Nodejs Node.js < 14.14.0 - HTTP Request Smuggling

CVE-2022-38114 MEDIUM

SolarWinds Security Event Manager - HTTP Request Smuggling and XSS

CVE-2022-45059 HIGH

Varnish Cache < 7.1.2 - HTTP Request Smuggling

CVE-2022-42252 HIGH

Apache Tomcat < 8.5.83 - HTTP Request Smuggling

CVE-2022-2880 HIGH

Go ReverseProxy - SSRF

CVE-2022-21826 MEDIUM

Ivanti Connect Secure < 9.1 - HTTP Request Smuggling

CVE-2022-2466 CRITICAL

Quarkus < 2.10.4 - HTTP Request Smuggling

CVE-2022-33988 HIGH

dproxy-nexgen - Info Disclosure

CVE-2022-1705 MEDIUM

GO < 1.17.12 - HTTP Request Smuggling

CVE-2022-20713 MEDIUM

Cisco ASA/FTD - XSS

CVE-2022-25763 HIGH

Apache Traffic Server < 8.1.5 - HTTP Request Smuggling

CVE-2022-31109 HIGH

laminas-diactoros - XSS

CVE-2022-32215 MEDIUM

Llhttp < 14.20.1 - HTTP Request Smuggling

CVE-2022-32214 MEDIUM

Llhttp < 2.1.5 - HTTP Request Smuggling

CVE-2022-32213 MEDIUM

Llhttp < 2.1.5 - HTTP Request Smuggling

CVE-2022-31081 HIGH

HTTP::Daemon <6.15 - Privilege Escalation

CVE-2022-26377 HIGH

Apache HTTP Server <2.4.53 - SSRF

CVE-2022-29361 CRITICAL

Pallets Werkzeug <2.1.0 - SSRF

CVE-2022-0552 MEDIUM

Netty-codec-http - Open Redirect

CVE-2022-24801 HIGH

Twisted < 22.4.0 - HTTP Request Smuggling

CVE-2022-24790 CRITICAL

Puma < 4.3.12 - HTTP Request Smuggling

Previous Page 7 of 13 Next

Details

Vulnerabilities 315

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy