Miggo Logo
Miggo Vulnerability Database
CVE-2020-35669

CVE-2020-35669: http before 0.13.3 vulnerable to header injection

6.1

CVSS Score
3.1

Basic Information

CVE ID
CVE-2020-35669
GHSA ID
GHSA-4rgh-jx4f-qfcq
EPSS Score
0.9594%
CWE
CWE-74
Published
5/24/2022
Updated
1/27/2023
KEV Status
No
Technology
TechnologyDart

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
httppub< 0.13.30.13.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from the lack of validation on the 'method' parameter in the BaseRequest constructor. The patch added a RegExp validation (_tokenRE) to ensure only valid HTTP token characters are allowed. The pre-patch code in base_request.dart directly assigned 'this.method' without sanitization, making it the clear injection vector. The CWE-74 classification and CRLF injection scenario described in advisories directly implicate this constructor as the vulnerable entry point.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in t** *ttp p**k*** ***or* *.**.* *or **rt. I* t** *tt**k*r *ontrols t** *TTP m*t*o* *n* t** *pp is usin* R*qu*st *ir**tly, it's possi*l* to ***i*v* *RL* inj**tion in *n *TTP r*qu*st vi* *TTP *****r inj**tion. T*is issu* **s *

Reasoning

T** vuln*r**ility st*mm** *rom t** l**k o* v*li**tion on t** 'm*t*o*' p*r*m*t*r in t** **s*R*qu*st *onstru*tor. T** p*t** ***** * R***xp v*li**tion (_tok*nR*) to *nsur* only v*li* *TTP tok*n ***r**t*rs *r* *llow**. T** pr*-p*t** *o** in **s*_r*qu*st.