CVE-2025-4366

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-4366
A request smuggling vulnerability identified within Pingora’s proxying framework, pingora-proxy, allows malicious HTTP requests to be injected via manipulated request bodies on cache HITs, leading to unauthorized request execution and potential cache poisoning. Fixed in:  https://github.com/cloudflare/pingora/commit/fda3317ec822678564d641e7cf1c9b77ee3759ff https://github.com/cloudflare/pingora/commit/fda3317ec822678564d641e7cf1c9b77ee3759ff Impact: The issue could lead to request smuggling in cases where Pingora’s proxying framework, pingora-proxy, is used for caching allowing an attacker to manipulate headers and URLs in subsequent requests made on the same HTTP/1.1 connection.

8.0 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 5.8

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://github.com/cloudflare/pingora
Configurations

No configuration.

History

23 May 2025, 15:55

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de contrabando de solicitudes identificada en pingora-proxy, el framework de proxy de Pingora, permite la inyección de solicitudes HTTP maliciosas mediante cuerpos de solicitud manipulados en los HIT de caché, lo que provoca la ejecución no autorizada de solicitudes y un posible envenenamiento de la caché. Corregido en: https://github.com/cloudflare/pingora/commit/fda3317ec822678564d641e7cf1c9b77ee3759ff https://github.com/cloudflare/pingora/commit/fda3317ec822678564d641e7cf1c9b77ee3759ff Impacto: El problema podría provocar contrabando de solicitudes cuando se utiliza pingora-proxy, el framework de proxy de Pingora, para el almacenamiento en caché, lo que permite a un atacante manipular encabezados y URL en solicitudes posteriores realizadas en la misma conexión HTTP/1.1.

22 May 2025, 19:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.0

22 May 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-22 16:15

Updated : 2025-05-23 15:55

NVD link : CVE-2025-4366

Mitre link : CVE-2025-4366

CVE.ORG link : CVE-2025-4366

JSON object : View

Products Affected

No product.

CWE
CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')