Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HTTP Request/Response Smuggling in Altitude Communication Server
Vulnerability Description
Illegal HTTP request traffic vulnerability (CL.0) in Altitude Communication Server, caused by inconsistent analysis of multiple HTTP requests over a single Keep-Alive connection using Content-Length headers. This can cause a desynchronization of requests between frontend and backend servers, which could allow request hiding, cache poisoning or security bypass.
CVSS Information
N/A
Vulnerability Type
HTTP请求的解释不一致性(HTTP请求私运)
Vulnerability Title
Altitude Communication Server 环境问题漏洞
Vulnerability Description
Altitude Communication Server是美国Altitude公司的一个IP联络中心软件。 Altitude Communication Server存在环境问题漏洞,该漏洞源于对单个Keep-Alive连接中多个HTTP请求的Content-Length标头分析不一致,可能导致请求隐藏、缓存投毒或安全绕过。
CVSS Information
N/A
Vulnerability Type
N/A