CVE-2018-4030

HIGH

Getcujo Smart Firewall - HTTP Request Smuggling

Title source: rule

Description

An exploitable vulnerability exists the safe browsing function of the CUJO Smart Firewall, version 7003. The bug lies in the way the safe browsing function parses HTTP requests. The "Host" header is incorrectly extracted from captured HTTP requests, which would allow an attacker to visit any malicious websites and bypass the firewall. An attacker could send an HTTP request to exploit this vulnerability.

References (1)

[Exploit, Third Party Advisory] https://talosintelligence.com/vulnerability_reports/TALOS-2018-0702

Scores

CVSS v3 7.5

EPSS 0.0022

EPSS Percentile 44.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-444

Status published

Products (1)

getcujo/smart_firewall 7003

Published Mar 21, 2019

Tracked Since Feb 18, 2026