ZDI-CAN-21876: ZDI-25-414: Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. The issue is exploitable only when WEBrick is deployed behind an HTTP proxy that fulfills specific conditions. The specific flaw exists within the `read_header` method and results from inconsistent parsing of HTTP header line terminators: when a front-end proxy and WEBrick disagree on where a header line or the header block ends, they can disagree on where one request ends and the next begins. An attacker can leverage this vulnerability to smuggle arbitrary HTTP requests.
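The advisory names the flaw class (inconsistent header-terminator parsing) but not the exact terminator sequences involved. The following Ruby is an added example, not WEBrick's `read_header` or its fix, showing the general defensive pattern for this class: a request-head reader that accepts only CRLF as a line terminator and rejects anything a lenient parser might interpret differently from a strict proxy (bare LF, bare CR, empty lines inside the block, obsolete line folding). The function names and the sample request heads are constructed for this example.

```ruby
# Added example (not WEBrick code): strict HTTP/1.1 request-head parsing that
# refuses ambiguous line terminators instead of guessing. A server that is
# stricter than (or at least consistent with) the proxy in front of it cannot
# be desynchronized on where the header block ends.

class AmbiguousHeaderTerminator < StandardError; end

# Returns nil if the raw head uses only unambiguous terminators, otherwise a
# short description of the first problem found.
def terminator_problem(raw)
  return "bare LF (LF not preceded by CR)" if raw.match?(/(?<!\r)\n/)
  return "bare CR (CR not followed by LF)" if raw.match?(/\r(?!\n)/)
  return "head not terminated by CRLF CRLF" unless raw.end_with?("\r\n\r\n")
  nil
end

# Parses "<request-line>CRLF(<name>: <value>CRLF)*CRLF" and returns
# [request_line, headers] with lower-cased header names. Raises
# AmbiguousHeaderTerminator on any terminator ambiguity or malformed line.
def parse_strict_head(raw)
  problem = terminator_problem(raw)
  raise AmbiguousHeaderTerminator, problem if problem

  lines = raw.chomp("\r\n\r\n").split("\r\n")
  request_line = lines.shift
  raise AmbiguousHeaderTerminator, "empty request line" if request_line.nil? || request_line.empty?

  headers = {}
  lines.each do |line|
    # An empty line here would be a second CRLF CRLF inside the head, i.e. a
    # second candidate end-of-headers; obs-fold (leading whitespace) is
    # likewise rejected rather than folded.
    raise AmbiguousHeaderTerminator, "empty line inside header block" if line.empty?
    raise AmbiguousHeaderTerminator, "obsolete line folding" if line.match?(/\A[ \t]/)
    name, value = line.split(":", 2)
    raise AmbiguousHeaderTerminator, "header line without colon" if value.nil?
    headers[name.strip.downcase] = value.strip
  end
  [request_line, headers]
end

if __FILE__ == $0
  # Constructed sample heads for demonstration.
  good = "GET / HTTP/1.1\r\nHost: example.test\r\nContent-Length: 0\r\n\r\n"
  bad  = "GET / HTTP/1.1\r\nHost: example.test\nX-Note: bare LF above\r\n\r\n"
  p parse_strict_head(good)
  begin
    parse_strict_head(bad)
  rescue AmbiguousHeaderTerminator => e
    puts "rejected: #{e.message}"
  end
end
```

Rejecting rather than normalizing is the point: a server that silently repairs a bare LF into a line break may accept a head that the proxy in front of it treated as still-open, and that disagreement is the preconditions for request smuggling described in the advisory.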
Other sources
This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2025-6442.
— ZDI
Frequently Asked Questions
What is the severity of ZDI-CAN-21876?
The severity of ZDI-CAN-21876 is rated at 6.5 on the CVSS scale.
How do I fix ZDI-CAN-21876?
To fix ZDI-CAN-21876, update to the latest version of Ruby WEBrick that addresses this vulnerability.
Who is affected by ZDI-CAN-21876?
ZDI-CAN-21876 affects installations of Ruby WEBrick that are deployed behind specific types of HTTP proxies.
What type of attacks does ZDI-CAN-21876 enable?
ZDI-CAN-21876 allows remote attackers to smuggle arbitrary HTTP requests.
Is ZDI-CAN-21876 easy to exploit?
ZDI-CAN-21876 can be exploited under specific conditions, depending on the configuration of the HTTP proxy.