ZDI-25-414: Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The specific flaw exists within the read_header method. The issue results from inconsistent parsing of HTTP header line terminators: when the server and the proxy in front of it disagree on where a header line ends, they can also disagree on where one request ends and the next begins. An attacker can leverage this vulnerability to smuggle arbitrary HTTP requests.
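The advisory does not say which terminator forms WEBrick and the proxy handle differently, so the following is an added illustration, not WEBrick's code or the ZDI's analysis: it assumes the inconsistency is between a reader that accepts CRLF or bare LF and one that accepts only CRLF, and shows a strict header reader that rejects ambiguous terminators outright, which is the check a defender wants at whichever hop is lenient. The sample header blocks are constructed.

```ruby
require 'stringio'

# Constructed sample header blocks (the part after the request line).
WELL_FORMED = "Host: example.test\r\nContent-Length: 0\r\n\r\n"
BARE_LF     = "Host: example.test\nContent-Length: 0\r\n\r\n"

class HeaderTerminatorError < StandardError; end

# Lenient reader: treats either "\r\n" or a bare "\n" as the end of a
# header line. Assumed here to illustrate the class of leniency the
# advisory describes; it is not WEBrick's implementation.
def lenient_read_headers(io)
  headers = {}
  while (line = io.gets("\n"))
    line = line.chomp            # strips "\r\n" and "\n" alike
    break if line.empty?
    name, value = line.split(":", 2)
    headers[name.strip.downcase] = value.to_s.strip
  end
  headers
end

# Strict reader: every header line must end in exactly "\r\n", and no
# bare CR may appear inside a line. Ambiguous input is rejected rather
# than normalised, so this hop cannot see a different request boundary
# than a CRLF-only peer would.
def strict_read_headers(io)
  headers = {}
  while (line = io.gets("\n"))
    raise HeaderTerminatorError, "line not terminated by CRLF" unless line.end_with?("\r\n")
    line = line[0...-2]
    raise HeaderTerminatorError, "bare CR inside header line" if line.include?("\r")
    break if line.empty?
    name, value = line.split(":", 2)
    raise HeaderTerminatorError, "malformed header line" if value.nil?
    headers[name.strip.downcase] = value.strip
  end
  headers
end

# Detection helper: true only when a strict and a lenient reader would
# parse the block identically. A false result flags input on which two
# hops could desynchronise.
def readers_agree?(raw)
  strict_read_headers(StringIO.new(raw)) == lenient_read_headers(StringIO.new(raw))
rescue HeaderTerminatorError
  false
end
```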
Other sources
This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2025-6442.
— ZDI
Frequently Asked Questions
What is the severity of ZDI-25-414?
The CVSS rating for ZDI-25-414 is 6.5, indicating a medium level of severity.
How do I fix ZDI-25-414?
To fix ZDI-25-414, ensure you update Ruby WEBrick to the latest version that addresses this vulnerability.
Who is affected by ZDI-25-414?
ZDI-25-414 affects installations of Ruby WEBrick that are deployed behind specific HTTP proxies.
What type of attack is associated with ZDI-25-414?
ZDI-25-414 allows remote attackers to smuggle arbitrary HTTP requests.
What conditions must be met for ZDI-25-414 to be exploitable?
ZDI-25-414 is exploitable when Ruby WEBrick is configured behind an HTTP proxy that meets certain conditions.