Miggo Logo
Miggo Vulnerability Database
CVE-2020-25613

CVE-2020-25613:
WEBRick vulnerable to HTTP Request/Response Smuggling

7.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2020-25613
GHSA ID
GHSA-gwfg-cqmg-cf8f
EPSS Score
0.44821%
CWE
CWE-444
Published
5/24/2022
Updated
4/22/2024
KEV Status
No
Technology
TechnologyRuby

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
webrickrubygems< 1.6.11.6.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The GitHub patch shows critical regex pattern changes in httprequest.rb:

  1. Transfer-Encoding header check was tightened from /chunked/ to /\Achunked\z/
  2. Connection header checks were anchored with \A and \z. These lax regex patterns in the original code allowed attackers to craft malicious headers that would be interpreted differently by WEBrick and reverse proxies, enabling request smuggling. The functions handling these header validations are directly implicated in the CVE description and patch changes.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in Ru*y t*rou** *.*.*, *.*.x t*rou** *.*.*, *n* *.*.x t*rou** *.*.*. W**ri*k, * simpl* *TTP s*rv*r *un*l** wit* Ru*y, *** not ****k** t** tr*ns**r-*n*o*in* *****r v*lu* ri*orously. *n *tt**k*r m*y pot*nti*lly *xploit t*is issu

Reasoning

T** *it*u* p*t** s*ows *riti**l r***x p*tt*rn ***n**s in *ttpr*qu*st.r*: *. Tr*ns**r-*n*o*in* *****r ****k w*s ti**t*n** *rom /**unk**/ to /\***unk**\z/ *. *onn**tion *****r ****ks w*r* *n**or** wit* \* *n* \z. T**s* l*x r***x p*tt*rns in t** ori*