Intigriti - Bug Bytes: HTTP Request Smuggling Via HTTP/2

Posted on Sep 16, 2020 12:16:08 PM

Jake Miller's recent blog on h2c request smuggling was covered in Intigriti's Bug Bytes newsletter. In the post, Jake demonstrates how upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections can allow a bypass of reverse proxy access controls, and lead to long-lived, unrestricted HTTP traffic directly to back-end servers.

Read more here


Submit a Media Request

Please get in touch with our PR Team for any press or PR related inquiries.



Subscribe to Updates