Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-444

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Parent: CWE-436 - Interpretation Conflict

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

315 vulnerabilities with CWE-444

CVE-2022-24766 CRITICAL

mitmproxy <7.0.4 - SSRF

CVE-2022-24761 HIGH

Waitress <2.1.0 - SSRF

CVE-2022-22720 CRITICAL

Apache HTTP Server < 2.4.52 - HTTP Request Smuggling

CVE-2022-22536 CRITICAL KEV

SAP NetWeaver - Request Smuggling

CVE-2022-22532 CRITICAL

SAP NetWeaver Application Server Java - Memory Corruption

CVE-2022-23959 CRITICAL

Varnish Cache <6.6.2,7.0.2 - SSRF

CVE-2022-22691 MEDIUM

Umbraco Cms < 9.2.0 - HTTP Request Smuggling

CVE-2022-22690 HIGH

Umbraco Cms < 9.2.0 - HTTP Request Smuggling

CVE-2021-46825 CRITICAL

Symantec ASG & ProxySG - Open Redirect

CVE-2021-25220 MEDIUM

BIND <9.18.0 - Info Disclosure

CVE-2021-41442 HIGH

Dlink Dir-x1860 Firmware < 1.03 - HTTP Request Smuggling

CVE-2021-42791 HIGH

Veridiumid Veridiumad - HTTP Request Smuggling

CVE-2021-45468 CRITICAL

Imperva Web Application Firewall < 2021-12-23 - HTTP Request Smuggling

CVE-2021-41451 HIGH

Tp-link Archer Ax10 Firmware < v1_211117 - HTTP Request Smuggling

CVE-2021-43797 MEDIUM

Netty <4.1.71.Final - HTTP Request Smuggling

CVE-2021-41450 HIGH

Tp-link Archer Ax10 V1 Firmware < 211117 - HTTP Request Smuggling

CVE-2021-37253 HIGH

M-files Web < 20.10.9524.1 - HTTP Request Smuggling

CVE-2021-41267 MEDIUM

Symfony/Http-Kernel - Info Disclosure

CVE-2021-41436 HIGH

Asus Gt-ax11000 Firmware < 3.0.0.4.386.45898 - HTTP Request Smuggling

CVE-2021-43669 HIGH

HyperLedger Fabric <2.3.0 - DoS

CVE-2021-22959 MEDIUM

llhttp <v2.1.4-<v6.0.6 - SSRF

CVE-2021-43610 HIGH

Belledonne Belle-sip <5.0.20 - DoS

CVE-2021-22960 MEDIUM

llhttp <2.1.4-<6.0.6 - SSRF

CVE-2021-37147 HIGH

Apache Traffic Server < 8.1.2 - HTTP Request Smuggling

CVE-2021-29991 HIGH

Firefox <91.0.1 - SSRF

Previous Page 8 of 13 Next

Details

Vulnerabilities 315

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy