CVE-2026-9170

Published: Mag 26, 2026 Last Modified: Mag 26, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,5

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: none

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: low

Availability: none

Description

AI Translation Available

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to denial of service and a potential remote code execution due to improper input validation.

444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Non-Repudiation Access Control

Potential Impacts:

Unexpected State Hide Activities Bypass Protection Mechanism

Applicable Platforms

Technologies: Web Based, Web Server

View CWE Details

https://www.ibm.com/support/pages/node/7274072

CVE-2026-9170

Description

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter