CVE-2021-40346

This repository contains a proof-of-concept for CVE-2021-40346, an HTTP request smuggling vulnerability in HAProxy. The PoC demonstrates how an attacker can bypass access controls (e.g., `/admin` endpoint) by exploiting inconsistent handling of HTTP headers.

The repository claims to be a PoC for CVE-2021-40346 (HAProxy integer overflow leading to HTTP request smuggling) but only contains a basic Flask app with no exploit logic. The README references external analysis but lacks functional exploit code.

This repository contains a writeup and references for CVE-2021-40346, an integer overflow vulnerability in HAProxy that enables HTTP smuggling. It provides links to external resources but does not include exploit code or technical details.

This repository contains a Python-based exploit for CVE-2021-40346, a vulnerability in HAProxy that allows HTTP request smuggling. The exploit crafts a malicious HTTP request to bypass access controls and retrieve forbidden resources.

This PoC demonstrates CVE-2021-40346, an integer overflow vulnerability in HAProxy that enables HTTP request smuggling to bypass ACLs. The exploit uses a crafted header to trigger an overflow, allowing an attacker to smuggle a request to a protected endpoint.