Gakido HTTP Header Injection Vulnerability Allowing CRLF Injection
Vulnerability
A vulnerability exists in Gakido, a Python HTTP client, allowing HTTP header injection via CRLF sequences in user-supplied header values and names. This issue is present in Gakido versions prior to 0.1.1. The vulnerability arises because user-controlled header values can include CRLF characters, null bytes, or line feeds, enabling the injection of arbitrary HTTP headers into requests. Exploitation could lead to various impacts, including HTTP response splitting, cache poisoning, session fixation, and bypassing server-side security controls.
Impact
Exploitation of this vulnerability allows for arbitrary HTTP header injection. This could be used to manipulate HTTP responses, poison caches, fixate sessions, or bypass security controls on the server side.
Reproduction
The vulnerability can be reproduced by using Gakido's 'Client' class to send a request with a user-defined header that includes CRLF sequences, null bytes, or line feeds. The injected headers can be verified by checking the response or the headers received by the server.
Remediation
Users can upgrade to Gakido version 0.1.1 or later, where this vulnerability has been fixed.
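The following is an added example, not Gakido's code or its 0.1.1 fix: it shows how an unchecked header value containing CRLF becomes an extra header line on the wire, and a caller-side check that rejects CR, LF and NUL before a request is built. All function names and the sample headers are hypothetical and constructed for illustration.

```python
import re

# RFC 9110 "token": the characters allowed in a header field name.
TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
# Characters named in the advisory: CR, LF and NUL.
FORBIDDEN = re.compile(r"[\r\n\x00]")


def serialize_naive(headers):
    """Unsafe pattern: write names and values into the request head unchecked."""
    return "".join(f"{name}: {value}\r\n" for name, value in headers.items())


def validate_header(name, value):
    """Raise ValueError if a header name or value could break line framing."""
    # fullmatch, not match with "$": "$" would accept a trailing "\n".
    if not TOKEN.fullmatch(name):
        raise ValueError(f"invalid header name: {name!r}")
    if FORBIDDEN.search(value):
        raise ValueError(f"CR, LF or NUL in value of header {name!r}")


def serialize_checked(headers):
    """Same wire format, but every name/value pair is validated first."""
    for name, value in headers.items():
        validate_header(name, value)
    return serialize_naive(headers)


def header_lines(head):
    """Split a serialized head into the lines a server would parse."""
    return [line for line in head.split("\r\n") if line]


# Constructed sample: the second value stands in for user-supplied input.
SAMPLE = {"User-Agent": "demo", "X-Request-Tag": "abc\r\nX-Injected: 1"}

if __name__ == "__main__":
    # Two headers in, three header lines out: the value was split at CRLF.
    print(header_lines(serialize_naive(SAMPLE)))
    try:
        serialize_checked(SAMPLE)
    except ValueError as exc:
        print("rejected:", exc)
```

Applying a check like this to any user-derived header before it reaches the HTTP client gives defense in depth alongside the upgrade.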
