CVE-2022-45059 PoC — Varnish Cache 环境问题漏洞

Source

https://github.com/martinvks/CVE-2022-45059-demo

Associated Vulnerability

Title:Varnish Cache 环境问题漏洞 (CVE-2022-45059)
Description:An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend.

Readme

# CVE-2022-45059-demo

Varnish Cache releases 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.1.0, 7.1.1 and 7.2.0 have a request smuggling vulnerability where an attacker can request that the content-length header is made hop-by-hop.
This is a demo consisting of a Spring Boot web application running behind a vulnerable version of Varnish Cache.
A "victim" sends requests to the application every 5 seconds and the goal is to steal his cookies.

## Running the application

### Option 1 - Using prebuilt images
```
docker compose up
```
View the website at: http://localhost

### Option 2 - Build the images yourself
```
docker build -t <TAG_NAME> frontend
docker build -t <TAG_NAME> backend
docker build -t <TAG_NAME> victim
```
Update `docker-compose.yml` with your images and run `docker compose up`.  
View the website at: http://localhost

## Packet capture

Packet capturing is enabled on the backend and the pcap file is written to `./capture/backend.pcap`

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →