Name HTTP Request Smuggling
Summary HTTP Request Smuggling results from discrepancies in how HTTP entities such as web caching proxies or application firewalls parse HTTP requests. Entities such as web servers, web caching proxies, application firewalls and simple proxies often parse HTTP requests in slightly different ways. When two or more such entities sit in the path of an HTTP request, a specially crafted request can be seen by the two attacked entities as two different sets of requests. This allows certain requests to be smuggled through to the second entity without the first one realizing it.
Prerequisites
An additional HTTP entity, such as an application firewall or a web caching proxy, between the attacker and the second entity, such as a web server
Differences in the way the two HTTP entities parse HTTP requests
Solutions HTTP Request Smuggling is usually targeted at web servers. Therefore, in such cases, careful analysis of the entities in the request path must occur during system design, prior to deployment. If there are known differences in the way the entities parse HTTP requests, the choice of entities needs consideration. Employing an application firewall can help; however, there are instances of firewalls themselves being susceptible to HTTP Request Smuggling.
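One concrete form of the mitigation above, added here as an example and not part of the CAPEC entry: the entry does not name specific headers, so this assumes the best-known source of parsing discrepancy, disagreement over body-length framing (Content-Length versus Transfer-Encoding, per RFC 9112 section 6.3), and shows how a first-hop entity can reject requests whose framing is ambiguous instead of forwarding them for the next entity to interpret differently. The sample requests are constructed for the example.

```python
import re

# Framing rules drawn from RFC 9112 section 6.3: a request carrying both
# Transfer-Encoding and Content-Length, repeated or conflicting
# Content-Length values, non-numeric lengths, or obsolete line folding is
# ambiguous, and two entities may legitimately frame its body differently.
# A front-end proxy or firewall that refuses such requests removes the
# discrepancy that request smuggling depends on.


def framing_problems(raw: bytes) -> list[str]:
    """Return the reasons this request's body framing is ambiguous ([] if clean)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")[1:]  # drop the request line
    problems, content_lengths, transfer_encodings = [], [], []
    for line in lines:
        if line[:1] in (" ", "\t"):
            problems.append("obsolete line folding in header block")
            continue
        name, sep, value = line.partition(":")
        if not sep:
            problems.append(f"malformed header line: {line!r}")
            continue
        name, value = name.strip().lower(), value.strip()
        if name == "content-length":
            content_lengths.append(value)
        elif name == "transfer-encoding":
            transfer_encodings.append(value)
    if content_lengths and transfer_encodings:
        problems.append("both Content-Length and Transfer-Encoding present")
    if len(set(content_lengths)) > 1:
        problems.append("conflicting Content-Length values")
    for value in content_lengths:
        if not re.fullmatch(r"[0-9]+", value):
            problems.append(f"non-numeric Content-Length: {value!r}")
    # Only the exact token "chunked" is accepted; variants that differ in
    # spelling, extra encodings or padding are where parsers disagree.
    for value in transfer_encodings:
        if value.lower() != "chunked":
            problems.append(f"unexpected Transfer-Encoding value: {value!r}")
    return problems


# Constructed sample requests (not taken from any real traffic).
CLEAN_REQUEST = (b"POST /submit HTTP/1.1\r\nHost: example.test\r\n"
                 b"Content-Length: 5\r\n\r\nhello")
AMBIGUOUS_REQUEST = (b"POST /submit HTTP/1.1\r\nHost: example.test\r\n"
                     b"Content-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n")

if __name__ == "__main__":
    for req in (CLEAN_REQUEST, AMBIGUOUS_REQUEST):
        print(framing_problems(req) or "ok")
```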
Related Weaknesses
CWE ID Description
CWE-436 Interpretation Conflict
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
CWE-707 Improper Neutralization