HTTP Request Smuggling vulnerability in SAP Approuter allows unauthenticated attackers to exploit this flaw via specially crafted HTTP requests to access user responses and trigger denial-of-service attacks on the targeted system.
| Vendor | Product | Versions |
|---|---|---|
| sap | sap approuter | SAP Approuter node.js package < 20.10.0 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| sap | sap software | cert_advisory | 90% |
Updated description with more technical detail and marked the vulnerability as actively exploited with an exploit available.
Initial creation