mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
983 B
983 B
CVE-2020-7670
Description
agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks where agoo is used as part of a chain of backend servers due to insufficient Content-Length and Transfer Encoding parsing.
POC
Reference
Github
No PoCs found on GitHub currently.