
CVE-2024-47220:
HTTP Request Smuggling in ruby webrick

CVSS Score (v3.1): 7.5

Basic Information

EPSS Score: 0.3079%
Published: 9/22/2024
Updated: 9/25/2024
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Package Name: webrick
Ecosystem: rubygems
Vulnerable Versions: <= 1.8.1
First Patched Version: 1.8.2

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from WEBrick's failure to reject requests that carry both a Content-Length header and a Transfer-Encoding header, which leaves the framing of the request body ambiguous. Commit f5faca9 adds an explicit check in the read_body method that detects this combination and raises an error. The pre-patch read_body in httprequest.rb lacked this validation and is therefore the vulnerable function; the test case added in test_httprequest.rb exercises exactly this behavior.
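As an added illustration (not WEBrick's code and not the contents of commit f5faca9), the kind of framing check the analysis describes, written as a standalone Ruby function over raw header blocks: the header parser, the BadFramingError name and the sample header blocks are assumptions made for this example; the rejection of the Content-Length plus Transfer-Encoding combination is the page's point.

```ruby
# Added example, not WEBrick's own code. Decides how a request body is
# framed and rejects the ambiguous header combination up front, instead of
# letting one header win silently.
class BadFramingError < StandardError; end

# Parse a CRLF-separated header block into a Hash with lowercase field names
# (header names are case-insensitive, so the check must not miss "content-length").
def parse_headers(block)
  block.split("\r\n").reject(&:empty?).each_with_object({}) do |line, h|
    name, value = line.split(":", 2)
    next unless value                      # skip malformed lines without a colon
    h[name.strip.downcase] = value.strip
  end
end

# Returns :content_length, :chunked or :none; raises BadFramingError when the
# body length cannot be determined unambiguously.
def body_framing(block)
  h = parse_headers(block)
  has_te = h.key?("transfer-encoding")
  has_cl = h.key?("content-length")
  # The core check: both headers present means two different body lengths
  # could be read by two different parsers, so refuse the request (400).
  raise BadFramingError, "both Content-Length and Transfer-Encoding present" if has_te && has_cl
  if has_te
    # Transfer-Encoding without chunked as the final coding has no defined length.
    raise BadFramingError, "Transfer-Encoding is not chunked" unless h["transfer-encoding"].downcase == "chunked"
    return :chunked
  end
  return :content_length if has_cl
  :none
end

# Constructed sample header blocks (request line and body omitted).
CLEAN     = "Host: example.test\r\nContent-Length: 5\r\n\r\n"
CHUNKED   = "Host: example.test\r\ntransfer-encoding: Chunked\r\n\r\n"
AMBIGUOUS = "Host: example.test\r\nContent-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n"
```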
