Advertisement
Top
image credit: Pixabay

HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack

September 8, 2021

Via: The Hacker News
Category:

A critical security vulnerability has been disclosed in HAProxy, a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary commands, effectively opening the door to an array of attacks.

Tracked as CVE-2021-40346, the Integer Overflow vulnerability has a severity rating of 8.6 on the CVSS scoring system and has been rectified in HAProxy versions 2.0.25, 2.2.17, 2.3.14 and 2.4.4.

Read More on The Hacker News

RELATED PUBLICATIONS

Attackers abuse business-critical cloud apps to deliver malware
Weakness In Windows Defender Lets Malware Slip Through Via SMB Shares

Latest Publications

The importance of the Vulnerability Operations Centre for cybersecurity
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
FIN7 targeted a large U.S. carmaker with phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!