Improper Input Validation

Affecting workerman/workerman package, versions >=0.0.0

Report new vulnerabilities
Do your applications use this vulnerable package? Test your applications

Overview

workerman/workerman is an asynchronous event driven PHP framework for easily building fast, scalable network applications.

Affected versions of this package are vulnerable to Improper Input Validation. HTTP requests processed by workerman does not have adequate validation and as such, allows malformed Transfer-Encoding headers.

In cases where workerman is used as an intermediate proxy such as php-http-proxy as part of a part of a chain of servers , it is possible for an attacker to leverage this behaviour to conduct HTTP Request Smuggling.

PoC

Violation of RFC 7230 (Mishandling of Space)

POST / HTTP/1.1
Host:localhost
Transfer-Encoding : chunked
Content-Length: 4
Content-Type: application/x-www-form-urlencoded


0

Remediation

There is no fixed version for workerman/workerman.

References

CVSS Score

5.4
medium severity
  • Attack Vector
    Network
  • Attack Complexity
    High
  • Privileges Required
    None
  • User Interaction
    None
  • Scope
    Changed
  • Confidentiality
    Low
  • Integrity
    Low
  • Availability
    None
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N/E:P/RL:U/RC:R
Credit
Snyk Security Team
CWE
CWE-20
Snyk ID
SNYK-PHP-WORKERMANWORKERMAN-569105
Disclosed
27 Jul, 2020
Published
27 Jul, 2020