CVE-2020-8287

MEDIUM

Node.js <10.23.1, 12.20.1, 14.15.4, 15.5.1 - SSRF

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-8287. PoCs published by progfay.

AI-analyzed exploit summary This repository contains a functional proof-of-concept for CVE-2020-8287, demonstrating HTTP request smuggling in Node.js via malformed Transfer-Encoding headers. The exploit leverages duplicate headers to bypass parsing logic, allowing an attacker to smuggle requests.

Description

Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.

Exploits (1)

nomisec WORKING POC 2 stars

by progfay · poc

https://github.com/progfay/nodejs-http-transfer-encoding-smuggling-poc

View Code ZIP pw:eip

This repository contains a functional proof-of-concept for CVE-2020-8287, demonstrating HTTP request smuggling in Node.js via malformed Transfer-Encoding headers. The exploit leverages duplicate headers to bypass parsing logic, allowing an attacker to smuggle requests.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Node.js (versions 10.0.0-10.23.0, 12.0.0-12.20.0, 14.0.0-14.15.3, 15.0.0-15.5.0)

No auth needed

Prerequisites: Network access to a vulnerable Node.js server

MITRE ATT&CK