Description
An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead to a discrepancy in how two in-path Akamai servers interpret the request, allowing an attacker to smuggle a second request in the original request body.
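A defensive check for the request shape described above, as an added example that is not Akamai's code or part of the original advisory. It applies the RFC 9112 section 5.2 option of rejecting any request head that contains obsolete line folding; the function name, the action labels and the sample requests are constructed for illustration.

```python
import re

# obs-fold (RFC 9112 section 5.2): a line break followed by SP or HTAB,
# which continues the previous field line instead of starting a new one.
OBS_FOLD = re.compile(rb"\r?\n[ \t]+")

def inspect_request_head(raw: bytes) -> dict:
    """Classify one HTTP/1.x request (hypothetical helper, not a real API)."""
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]
    fold_count = len(OBS_FOLD.findall(head))
    # Unfold with a single SP (what RFC 9112 allows a server to do) so that
    # the field parse below sees the same value on every hop.
    lines = re.split(rb"\r?\n", OBS_FOLD.sub(b" ", head))
    method = lines[0].split(b" ", 1)[0].decode("ascii", "replace")
    fields = {}
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep:
            fields.setdefault(name.lower(), []).append(value.strip().lower())
    expects_continue = b"100-continue" in fields.get(b"expect", [])
    return {
        "method": method,
        "obs_fold_count": fold_count,
        "expect_100_continue": expects_continue,
        # Rejecting is the stricter of the two behaviours the RFC permits.
        "action": "reject-400" if fold_count else "forward",
        # The combination named in the advisory text: OPTIONS + Expect + folding.
        "matches_advisory_pattern":
            bool(fold_count) and method == "OPTIONS" and expects_continue,
    }

# Constructed sample requests (no body, hostnames are placeholders).
FOLDED = (b"OPTIONS /api HTTP/1.1\r\nHost: www.example.test\r\n"
          b"X-Note: first\r\n second\r\nExpect: 100-continue\r\n"
          b"Content-Length: 0\r\n\r\n")
CLEAN = (b"OPTIONS /api HTTP/1.1\r\nHost: www.example.test\r\n"
         b"X-Note: first second\r\nExpect: 100-continue\r\n"
         b"Content-Length: 0\r\n\r\n")
FOLDED_GET = (b"GET / HTTP/1.1\r\nHost: www.example.test\r\n"
              b"X-Note: first\r\n\tsecond\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("folded", FOLDED), ("clean", CLEAN), ("get", FOLDED_GET)):
        print(label, inspect_request_head(req))
```

Running the same check at every hop that parses the request keeps the servers in the path from disagreeing about where a field line ends.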
CVSS breakdown
CVSS 3.1
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Confidentiality: None
- Integrity: Low
- Availability: None
Affected products
- Akamai / AkamaiGhost 0 – 2025-03-26
References
- MISC: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/100
- MISC: https://www.rfc-editor.org/rfc/rfc9112.html#name-obsolete-line-folding
- MISC: https://www.akamai.com/blog/security/cve-2025-32094-http-request-smuggling
- MISC: https://www.blackhat.com/us-25/briefings/schedule/#http1-must-die-the-desync-endgame-45103