Undertow HTTP Request Smuggling Vulnerability

Undertow HTTP Request Smuggling Vulnerability

CVE-2017-12165 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling.

Learn more about our Web Application Penetration Testing UK.