HTTP Request Smuggling vulnerability in netease-youdao/qanything version 1.4.1 allows attackers to exploit inconsistencies in the interpretation of HTTP requests between a proxy and a server. This can lead to unauthorized access, bypassing security controls, session hijacking, data leakage, and potentially arbitrary code execution.
The vulnerability lies in the fact that the proxy and backend server interpret HTTP request boundaries differently — a phenomenon known as HTTP Request Smuggling. An attacker sends a crafted HTTP request that the proxy treats as one request, while the target server interprets it as two separate requests. This makes it possible to inject an additional request into the communication stream, which is processed by the server in the context of another user or with elevated privileges.
An attacker can gain unauthorized access to application resources, bypass security control mechanisms, hijack another user's session, lead to disclosure of sensitive data, and potentially execute arbitrary code on the server (RCE).
Patches available from the vendor should be applied in accordance with the references. Additionally, it is recommended to verify the proxy layer configuration for consistent handling of Transfer-Encoding and Content-Length headers, and to limit the application's exposure to public network traffic until the patch is applied.
netease-youdao/qanything version 1.4.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HYoudao Qanything
APPYoudao1.4.1
Related vulnerabilities
A Denial of Service (DoS) vulnerability was discovered in the file upload feature of netease-youdao/qanything ...
A local file inclusion vulnerability exists in netease-youdao/qanything version v2.0.0. This vulnerability all...
A CORS misconfiguration vulnerability exists in netease-youdao/qanything version 1.4.1. This vulnerability all...
A stored Cross-Site Scripting (XSS) vulnerability exists in netease-youdao/QAnything. Attackers can upload mal...