Last Modified: May 22, 2021
See more info
Known Affected Versions:
220.127.116.11, 16.0.1, 18.104.22.168, 16.0.0, 15.1.3, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 14.1.4, 13.1.4, 220.127.116.11, 18.104.22.168, 22.214.171.124
Opened: Apr 28, 2021
HTTP header corruption occurs after insertion/modification using an iRule in HTTP Headers which contain mixed end-of-line markers <CRLF> and <LF>.
Inserted headers get concatenated in such a way that the HTTP request header gets corrupted.
- HTTP virtual server - An iRule inserts an HTTP Request header - An HTTP request contains some lines that end with <CRLF> and some that end with <LF>
Use HTTP headers with proper end-of-line markers in compliance with HTTP RFC