{"vulnerability": "CVE-2021-40346", "sightings": [{"uuid": "81a1cb66-274e-4b0e-b45c-f19235fcbc6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/610", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-40346 integer overflow enables http smuggling\nURL\uff1ahttps://github.com/donky16/CVE-2021-40346-POC", "creation_timestamp": "2021-09-28T08:32:41.000000Z"}, {"uuid": "9835e751-d7f5-474a-b5df-2b21438f9996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/826", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aHAProxy CVE-2021-40346\nURL\uff1ahttps://github.com/Vulnmachines/HAProxy_CVE-2021-40346", "creation_timestamp": "2021-11-08T11:58:01.000000Z"}, {"uuid": "6c67d538-b6a8-4813-8fb5-45cd833ae6b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7050", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2021-40346 PoC (HAProxy HTTP Smuggling).\n\nhttps://github.com/knqyf263/CVE-2021-40346", "creation_timestamp": "2021-09-12T04:50:48.000000Z"}, {"uuid": "e7466a1b-ac10-4848-b1ae-46318ce54914", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/cKure/6998", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling\n\nhttps://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/", "creation_timestamp": "2021-09-08T20:55:22.000000Z"}, {"uuid": "8b2f7888-6c18-4125-9ba4-187147290fe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7339", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 https://github.com/donky16/CVE-2021-40346-POC", "creation_timestamp": "2021-09-28T13:20:27.000000Z"}, {"uuid": "343f5dbf-85b0-4d3a-8cf4-d0ff8c93470c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "seen", "source": "https://t.me/cibsecurity/28505", "content": "\u203c CVE-2021-40346 \u203c\n\nAn integer overflow exists in HAProxy 2.0 through 2.5 in the htx_add_header() can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-08T20:45:33.000000Z"}, {"uuid": "69b47130-b052-429f-8dac-f900ef151fdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/69", "content": "Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling\n\ud83d\udc64 by Ori Hollander and Or Peles\n\nThe vulnerability,\u00a0CVE-2021-40346, is an Integer Overflow, triggerable via the Content-Length HTTP header, that makes it possible to conduct HTTP Request Smuggling attacks.\n\n\ud83d\udcdd Contents:\n\u2022 Technical Background\n  \u2022 HTTP Request Smuggling\n  \u2022 HAProxy\u2019s HTTP request processing phases (simplified)\n\u2022 Attack Scenario \u2013 Bypassing http-request ACLs\n  \u2022 What happens inside HAProxy\n  \u2022 Getting the HTTP response for the smuggled request\n  \u2022 Attack demonstration \u2013 ACL bypass\n\u2022 Vulnerability Details\n\u2022 Automating the Discovery\n\u2022 Fixes and Workarounds\n\nhttps://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/", "creation_timestamp": "2021-09-09T06:20:46.000000Z"}, {"uuid": "22eb6098-f6c1-4cfb-a6b6-bde2ce030ea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1381", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-40346 - HaProxy HTTP request smuggling through integer overflow\nURL\uff1ahttps://github.com/alexOarga/CVE-2021-40346", "creation_timestamp": "2022-01-24T22:21:35.000000Z"}, {"uuid": "59baf3a9-f638-4e8c-9664-b12e8ade5c72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/218", "content": "Simple Serv-U CVE-2021-35211 #poc\nhttps://github.com/NattiSamson/Serv-U-CVE-2021-35211\n\nCVE-2021-40346 integer overflow enables http smuggling\nhttps://github.com/donky16/CVE-2021-40346-POC\n\nPOC for CVE-2021-31166: Windows HTTP\nhttps://github.com/antx-code/CVE-2021-31166\n\nOffensive RPC #poc\nhttps://github.com/sensepost/offensive-rpc\n\nSimple Serv-U CVE-2021-35211 #poc\nhttps://github.com/5gstudent/CVE-2021-22005-\n\nios-nehelper-wifi-info-0day #exploit\nhttps://github.com/illusionofchaos/ios-nehelper-wifi-info-0day\nhttps://github.com/illusionofchaos/ios-nehelper-enum-apps-0day\n\n#poc for CVE-2021-3129 (Laravel)\nhttps://github.com/knqyf263/CVE-2021-3129", "creation_timestamp": "2021-10-01T18:29:21.000000Z"}, {"uuid": "b3d9606d-3a4b-48af-94cb-6ca5b03070e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/181", "content": "Latest Vulnerabilities and Exploits\n\n1_ ProxyShell \n_ https://github.com/ktecv2000/ProxyShell\n_ https://github.com/dmaasland/proxyshell-poc\n_ https://github.com/Udyz/proxyshell-auto\n\n2_ proxylogon\nhttps://github.com/Udyz/Automatic-Proxylogon-Exploit\n\n3_ HAProxy HTTP Smuggling\nhttps://github.com/knqyf263/CVE-2021-40346\n\n4_ Sequoia PoC\nhttps://github.com/ChrisTheCoolHut/CVE-2021-33909\n\n5_ RCE 0-day for GhostScript 9.50\nhttps://github.com/duc-nt/RCE-0-day-for-GhostScript-9.50\n\n6_ CVE-2021-26084:\nConfluence Server Webwork OGNL Injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\n\nRCE PoC:\nhttps://github.com/FanqXu/CVE-2021-26084", "creation_timestamp": "2021-09-10T14:07:22.000000Z"}, {"uuid": "62e392b7-8586-4e45-a513-70784fa2bcae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8742", "content": "#exploit \n1. CVE-2021-40346:\nHAProxy HTTP Smuggling\nhttps://github.com/knqyf263/CVE-2021-40346\n\n2. CVE-2023-26045:\nNodeBB Forum Software RCE Flaw\nhttps://securityonline.info/cve-2023-26045-nodebb-forum-software-remote-code-execution-flaw", "creation_timestamp": "2023-07-27T13:26:17.000000Z"}, {"uuid": "9b053be6-aad0-4cfb-aa00-a842f0513cd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40346", "type": "published-proof-of-concept", "source": "https://t.me/dc7342/42353", "content": "Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling\n\ud83d\udc64 by Ori Hollander and Or Peles\n\nThe vulnerability,\u00a0CVE-2021-40346, is an Integer Overflow, triggerable via the Content-Length HTTP header, that makes it possible to conduct HTTP Request Smuggling attacks.\n\n\ud83d\udcdd Contents:\n\u2022 Technical Background\n  \u2022 HTTP Request Smuggling\n  \u2022 HAProxy\u2019s HTTP request processing phases (simplified)\n\u2022 Attack Scenario \u2013 Bypassing http-request ACLs\n  \u2022 What happens inside HAProxy\n  \u2022 Getting the HTTP response for the smuggled request\n  \u2022 Attack demonstration \u2013 ACL bypass\n\u2022 Vulnerability Details\n\u2022 Automating the Discovery\n\u2022 Fixes and Workarounds\n\nhttps://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/", "creation_timestamp": "2021-09-09T14:24:36.000000Z"}]}