Symptoms:
Security scans report an HTTP Request Smuggling vulnerability on an IIS server.
The vulnerability allows a remote attacker to perform an HTTP request smuggling attack.
The vulnerability exists because HTTP proxies (front-end) and web servers (back-end) that do not strictly adhere to the RFC standards may handle a sequence of HTTP requests received from multiple sources differently from each other. A remote attacker can send a specially crafted request to a targeted IIS server, perform an HTTP request smuggling attack, and modify responses or retrieve information from another user's HTTP session.
Resolution:
Enable the request smuggling filter on your web server by using Registry Editor:
- Click Start, click Run, type Regedit in the Open box, and then click OK.
- Locate and then click the following registry subkey:
  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters
- Set the DWORD value DisableRequestSmuggling to one of the following:
  - 0 to disable the filter
  - 1 to enable the filter
- Exit Registry Editor.
- Restart the computer.
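The same check and change done from an elevated PowerShell prompt, as an added example that is not part of the original post. The registry path and value name are the ones listed above; the function names are my own, and the script reports the current state before it changes anything.

```powershell
# Audit and enable the request smuggling filter (DisableRequestSmuggling = 1)
# under the HTTP service (HTTP.sys) parameters key. Run from an elevated
# PowerShell session; the new value takes effect after a restart.
# Function names are hypothetical; the key path and value name come from the article.

$HttpParams = 'HKLM:\System\CurrentControlSet\Services\HTTP\Parameters'
$ValueName  = 'DisableRequestSmuggling'

function Get-RequestSmugglingFilterState {
    # Returns 'Enabled', 'Disabled' or 'NotConfigured' (value absent, i.e. never set).
    if (-not (Test-Path $HttpParams)) { return 'NotConfigured' }
    $props = Get-ItemProperty -Path $HttpParams -ErrorAction SilentlyContinue
    if ($null -eq $props -or $null -eq $props.$ValueName) { return 'NotConfigured' }
    if ([int]$props.$ValueName -eq 1) { return 'Enabled' }
    return 'Disabled'
}

function Enable-RequestSmugglingFilter {
    # Supports -WhatIf so the change can be previewed before it is applied.
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()
    if (-not (Test-Path $HttpParams)) {
        New-Item -Path $HttpParams -Force | Out-Null
    }
    if ($PSCmdlet.ShouldProcess("$HttpParams\$ValueName", 'Set DWORD value to 1')) {
        # -Type DWord creates the value if it is missing and overwrites it if present.
        Set-ItemProperty -Path $HttpParams -Name $ValueName -Value 1 -Type DWord
    }
}

$before = Get-RequestSmugglingFilterState
Write-Host "Request smuggling filter before change: $before"

if ($before -ne 'Enabled') {
    Enable-RequestSmugglingFilter
    Write-Host "Request smuggling filter after change: $(Get-RequestSmugglingFilterState)"
    Write-Host 'Restart the computer for the new value to take effect.'
}
```

Run `Enable-RequestSmugglingFilter -WhatIf` first on a production host to confirm the key and value the script would write.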
Updated Nov 28, 2023
Version 1.0
PradeepSharma
Microsoft
IIS Support Blog