Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-444

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Parent: CWE-436 - Interpretation Conflict

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

315 vulnerabilities with CWE-444

CVE-2021-41136 LOW

Puma <5.5.1-4.3.9 - SSRF

CVE-2021-41732 HIGH

Zeek - HTTP Request Smuggling

CVE-2021-31923 MEDIUM

Pingidentity Pingaccess < 5.3.3 - HTTP Request Smuggling

CVE-2021-39214 HIGH

Mitmproxy < 7.0.2 - HTTP Request Smuggling

CVE-2021-38162 HIGH

SAP Web Dispatcher - DoS

CVE-2021-34559 MEDIUM

Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth... - HTTP Request Smuggling

CVE-2021-33056 HIGH

Belledonne Belle-sip <4.5.20 - DoS

CVE-2021-38512 HIGH

actix-http <3.0.0-beta.9 - Info Disclosure

CVE-2021-32598 MEDIUM

Fortinet Fortianalyzer < 7.0.1 - HTTP Request Smuggling

CVE-2021-36740 MEDIUM

Varnish-cache Varnish Cache < 6.0.8 - HTTP Request Smuggling

CVE-2021-33683 MEDIUM

CVE-2021-33037 MEDIUM

Apache Tomcat <10.0.7-8.5.67 - Info Disclosure

CVE-2021-32715 LOW

hyper <0.14.10 - Open Redirect

CVE-2021-32565 HIGH

Apache Traffic Server < 7.1.12 - HTTP Request Smuggling

CVE-2021-27577 HIGH

Apache Traffic Server <9.0.2 - Info Disclosure

CVE-2021-30180 CRITICAL

Apache Dubbo <2.7.9 - RCE

CVE-2021-31922 HIGH

Pulsesecure Virtual Traffic Manager < 18.1 - HTTP Request Smuggling

CVE-2021-21409 MEDIUM

Netty < 4.1.61 - HTTP Request Smuggling

CVE-2021-21295 MEDIUM

Netty <4.1.60.Final - SSRF

CVE-2021-20220 MEDIUM

Redhat Undertow < 2.0.34 - HTTP Request Smuggling

CVE-2021-23339 MEDIUM

Akka-http-core <10.1.14, 10.2.0-10.2.4 - SSRF

CVE-2021-23336 MEDIUM

Python/cpython <3.6.13, <3.7.10, <3.8.8, <3.9.2 - Web Cache Poisoning

CVE-2021-21299 MEDIUM

hyper <0.13.10, 0.14.3 - SSRF

CVE-2021-22293 HIGH

Huawei Campusinsight - HTTP Request Smuggling

CVE-2021-25762 MEDIUM

Jetbrains Ktor < 1.4.3 - HTTP Request Smuggling

Previous Page 9 of 13 Next

Details

Vulnerabilities 315

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy