HTTP Request Smuggling

HTTP Request Smuggling is an attack technique that abuses the discrepancy in parsing of non RFC compliant HTTP requests to smuggle a request to the second device through the first one. Web application firewalls deployed as reverse proxies like Airlock WAF are potentially affected by these attack techniques. Request smuggling vulnerabilities are often critical in nature, allowing an attacker to bypass security controls, gain unauthorized access to sensitive data, and directly compromise other application users [1].

Examples of such attack techniques include malformed HTTP headers or illegal combination of Content-Length and Transfer-Encoding headers in an HTTP requests [1].

Apache Tomcat fixed two issues related to HTTP Request Smuggling (CVE-2020-1935,  CVE-2019-17569) [2].

Airlock WAF is not affected and protects potential vulnerable back-ends including Airlock IAM.

Details:

Airlock WAF uses different, encapsulated software stacks for reading and reconstruction of HTTP requests. The protocol between these components is different from HTTP (protocol split). This architecture prevents common protocol-level attacks like HTTP requests smuggling or HTTP response splitting.