low

AWS API Gateway HTTP header smuggling

Published Wed, Nov 10th, 2021

Platforms

Summary

A flaw in AWS API Gateway enabled hiding HTTP request headers. Tampering with HTTP requests visibility enabled bypassing IP restrictions, cache poisoning and request smuggling.

Affected Services

API Gateway

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://www.intruder.io/research/practical-http-header-smuggling

Contributed by https://github.com/a10ns

Disclosure Date

Wed, Nov 10th, 2021

Exploitablity Period

Known ITW Exploitation

Detection Methods

Discovered by

Daniel Thatcher, intruder

More vulnerabilities...

high

Azure NotLegit

Azure App Service had an insecure default behavior that exposed the source code of customer applications written in PHP, Python, Ruby, or Node, that were deployed using “Local Git”.

Shir Tamari, Wiz

Thu, Oct 7th, 2021

medium

AWS WAF configuration allows SQL injection

AWS WAF using the Core Rules set allowed SQL injection. In AWS WAF only the first 8 KB (8,192 bytes) of the request body are forwarded to AWS WAF for inspection, but AWS Managed rules allowed reque...

Osama Elnaggar

Sun, Oct 3rd, 2021

low

Exfiltrate data via the logs of GCP Org policy

Upon blocking a request, GCP Org policy constraints were logging the deny logs in Principal''s project and the blocking project. An attacker could use those logs to exfiltrate any data, by making r...

Jonathan Rault, TrustOnCloud

Wed, Sep 22nd, 2021

View all