N/A

Akamai Ghost on Akamai CDN edge servers before 2026-02-06 mishandles processing of custom hop-by-hop HTTP headers, where an incoming request containing the header "Connection: Transfer-Encoding" could result in a forward request with invalid message framing, depending on the Akamai processing path. This could result in the origin server parsing the request body incorrectly, leading to HTTP request smuggling.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

HTTP请求的解释不一致性(HTTP请求私运)

Akamai Ghost 环境问题漏洞

Akamai Ghost是美国Akamai公司的一个HTTP服务程序。 Akamai Ghost 2026-02-06之前版本存在环境问题漏洞，该漏洞源于处理自定义逐跳HTTP标头不当，可能导致HTTP请求夹带。

N/A

N/A