Undertow Request Smuggling Vulnerability (CVE-2026-28368)
CVE-2026-28368 is a vulnerability in Undertow that allows a remote attacker to construct specially crafted requests, leading to request smuggling attacks and potential bypass of security controls, resulting in unauthorized resource access.
CVE-2026-28368 is a critical vulnerability found in the Undertow web server. This flaw enables a remote attacker to craft specialized HTTP requests that Undertow parses differently compared to upstream proxies. This discrepancy allows attackers to conduct request smuggling attacks, effectively bypassing security measures and potentially gaining unauthorized access to sensitive resources. The vulnerability stems from inconsistent interpretation of HTTP requests, which is a common issue in web…
Detection coverage 2
Detect Suspicious HTTP Headers
highDetects potentially malicious HTTP requests with unusual or crafted headers that could indicate request smuggling attempts.
Detect Potential Request Splitting via Content-Length
mediumDetects HTTP requests with suspicious Content-Length headers that may be used for request smuggling.
Detection queries are kept inside the platform. Get full rules →