CVE-2025-66373

4.8 MEDIUM

📋 TL;DR

CVE-2025-66373 is an HTTP request smuggling vulnerability in Akamai Ghost, the edge server software running on Akamai CDN edge servers. A malformed chunked request body is framed one way at the edge and another way at the origin, so an attacker can hide a second request inside the body of a legitimate one and have the edge forward it to the origin. Organizations fronted by Akamai edge servers running software from before November 17, 2025 were potentially exposed; the actual impact depends on how the origin parses the forwarded request.

💻 Affected Systems

Products:
  • Akamai Ghost on Akamai CDN edge servers
Versions: All versions before 2025-11-17
Operating Systems: Not OS-specific - affects Akamai edge infrastructure
Default Config Vulnerable: ⚠️ Yes
Notes: Exploitability depends on origin server behavior and configuration. Only affects Akamai CDN customers using Ghost.

📦 What is this software?

Akamai Ghost is the proprietary HTTP edge server software that runs on Akamai's CDN platform. It terminates client connections at the edge, applies caching and security policy, and forwards requests to the customer's origin servers. That edge-to-origin hop is where a disagreement about request framing turns into request smuggling.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers bypass security controls, poison caches, steal user data, or perform account takeover by smuggling malicious requests to backend servers.

🟠

Likely Case

Cache poisoning leading to stored XSS, session hijacking, or credential theft depending on origin server behavior.

🟢

If Mitigated

Limited impact with proper origin server validation and request filtering in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting a chunked request body that the Akamai edge and the origin frame differently, so it depends on both a working knowledge of chunked transfer encoding and on how the target origin's HTTP parser handles malformed chunk-size lines. No public exploit is known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Akamai edge software released on or after 2025-11-17 (deployed by Akamai to its own edge infrastructure; there is no customer-installable version)

Vendor Advisory: https://www.akamai.com/blog/security/cve-2025-66373-http-request-smuggling-chunked-body-size

Restart Required: No

Instructions:

1. No customer-side install: Akamai deploys fixes to its own edge infrastructure, so there is no package or version for CDN customers to apply.
2. Confirm with Akamai support (or your account team) that the edge software serving your properties is the post-2025-11-17 build.
3. Harden origin servers independently of the edge fix: reject ambiguous or malformed request framing (bad chunk-size lines, bare LF line endings, both Content-Length and Transfer-Encoding present) with a 400 rather than repairing it, so a future parser disagreement cannot be exploited either.

🔧 Temporary Workarounds

Origin Server Request Validation

Platform: all

Configure origin servers to reject malformed chunked requests instead of guessing at them: chunk-size lines that are not pure hex digits (optionally followed by a ";" chunk extension), bare LF line endings, chunk data not followed by CRLF, and requests that carry both Content-Length and Transfer-Encoding (RFC 9112 lets a server reject these as likely smuggling). A 400 from the origin is the safe outcome; a lenient parse is exactly what the attack depends on.

WAF Rule Implementation

Platform: all

Deploy WAF rules that flag or block requests with malformed chunked encoding, with both Content-Length and Transfer-Encoding, or with obfuscated Transfer-Encoding values (unusual casing, embedded whitespace, duplicated headers). A WAF between the edge and the origin only helps if it frames the request exactly as the origin does; a third parser with its own leniencies is one more place for a desync.
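The following is an added example, not Akamai's code and not a description of the Ghost defect itself: it shows the mechanism the origin-validation and WAF workarounds above are defending against. Two hypothetical lenient chunk-size decoders (A reads only the leading hex digits; B feeds the token to Python's int(), which accepts a 0x prefix) disagree about the single line 0x2B, so the same constructed byte stream is one POST to a B-style front end and a POST followed by a smuggled GET /admin to an A-style origin. The RFC 9112 strict decoder rejects the stream outright, which is the behaviour the workaround asks of the origin. All names, the example.test host and the request bytes are constructed for the demo.

```python
# Added example, not Akamai code. Decoders A and B below are hypothetical
# lenient behaviours, not the real Ghost defect; the bytes are constructed.
import re

CRLF = b"\r\n"
# RFC 9112 s7.1: chunk-size = 1*HEXDIG, optionally followed by a ";ext".
STRICT_SIZE = re.compile(rb"^([0-9A-Fa-f]+)(;[^\r\n]*)?$")
HEX_PREFIX = re.compile(rb"^[0-9A-Fa-f]*")


def size_strict(line: bytes) -> int:
    """RFC-strict: anything but HEXDIG+ [chunk-ext] is an error."""
    m = STRICT_SIZE.match(line)
    if not m:
        raise ValueError(f"malformed chunk-size line: {line!r}")
    return int(m.group(1), 16)


def size_prefix(line: bytes) -> int:
    """Hypothetical lenient decoder A: leading hex digits only, rest ignored,
    so b'0x2B' -> 0 (stops at the 'x'). An empty run makes int() raise."""
    return int(HEX_PREFIX.match(line).group(0), 16)


def size_int(line: bytes) -> int:
    """Hypothetical lenient decoder B: int(token, 16); int() accepts a 0x
    prefix, so b'0x2B' -> 43."""
    return int(line.split(b";", 1)[0].strip(), 16)


def decode_chunked(data: bytes, size_of) -> tuple[bytes, bytes]:
    """Decode a chunked body, delegating the chunk-size line to size_of().
    Returns (body, bytes left on the connection after the body)."""
    body, pos = bytearray(), 0
    while True:
        end = data.find(CRLF, pos)
        if end < 0:
            raise ValueError("chunk-size line not CRLF-terminated")
        size, pos = size_of(data[pos:end]), end + 2
        if size == 0:
            while True:  # trailer section ends at the first empty line
                end = data.find(CRLF, pos)
                if end < 0:
                    raise ValueError("unterminated trailer section")
                line, pos = data[pos:end], end + 2
                if not line:
                    return bytes(body), data[pos:]
        if data[pos + size:pos + size + 2] != CRLF:
            raise ValueError("chunk data truncated or not CRLF-terminated")
        body += data[pos:pos + size]
        pos += size + 2


def split_requests(stream: bytes, size_of):
    """Read consecutive HTTP/1.x requests from one keep-alive byte stream.
    Returns ([(request_line, body), ...], leftover bytes that did not begin
    with a request line)."""
    requests = []
    while True:
        if not stream.split(CRLF, 1)[0].endswith((b" HTTP/1.1", b" HTTP/1.0")):
            return requests, stream
        head_end = stream.find(CRLF + CRLF)
        if head_end < 0:
            raise ValueError("incomplete request head")
        head, rest = stream[:head_end], stream[head_end + 4:]
        request_line, *header_lines = head.split(CRLF)
        headers = {n.strip().lower(): v.strip()
                   for n, _, v in (h.partition(b":") for h in header_lines)}
        if headers.get(b"transfer-encoding", b"").lower() == b"chunked":
            body, rest = decode_chunked(rest, size_of)
        else:
            n = int(headers.get(b"content-length", b"0"))
            body, rest = rest[:n], rest[n:]
        requests.append((request_line, body))
        stream = rest


# Constructed attacker stream. Decoder B reads "0x2B" as a 43-byte chunk whose
# data spells out a second request; decoder A reads it as the last chunk, ends
# the body at the empty line that follows, and parses the same bytes as a new
# GET /admin request. The trailing "0\r\n\r\n" is left over on A's connection.
CHUNK_DATA = b"\r\nGET /admin HTTP/1.1\r\nHost: example.test\r\n"  # 43 bytes
STREAM = (
    b"POST /upload HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n"
    + b"0x2B\r\n" + CHUNK_DATA + b"\r\n"
    + b"0\r\n\r\n"
)


def strict_rejects(stream: bytes) -> bool:
    """True when the RFC-strict decoder refuses the stream outright."""
    try:
        split_requests(stream, size_strict)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("front end (B):", split_requests(STREAM, size_int))
    print("origin (A):   ", split_requests(STREAM, size_prefix))
    print("strict rejects:", strict_rejects(STREAM))
```

Run the file directly to see the three outcomes. The point of the contrast is that the front end (B) has applied its access checks to a single POST /upload and never saw GET /admin, while the origin (A) serves GET /admin as if the edge had vetted it; the only parser that cannot be desynchronised is the one that refuses the ambiguous line.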

🧯 If You Can't Patch

  • Implement strict HTTP request validation on all origin servers: reject ambiguous framing with a 400 rather than trying to repair it
  • Deploy an additional request inspection layer between the CDN and origin servers, and make sure it frames requests exactly as the origin does

🔍 How to Verify

Check if Vulnerable:

Ask Akamai support to confirm the build date of the edge software serving your properties. If you test actively, send controlled smuggling payloads only against infrastructure you own or are authorized to test, preferably a staging origin: a successful desync on a shared edge connection can affect other users' requests.

Check Version:

Contact Akamai support - no direct customer command available for edge server version checking.

Verify Fix Applied:

Confirm with Akamai that the edge servers serving your properties run the post-2025-11-17 build, then re-run your controlled smuggling tests (a request whose chunked body hides a second request) and check that the origin sees exactly one request and that malformed chunked bodies are rejected rather than forwarded.

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTTP 400/413 errors from origin servers
  • Responses that do not match the request a client sent (a user receiving the response to someone else's request)
  • Unexpected duplicate requests to backend

Network Indicators:

  • Malformed chunked transfer encoding in HTTP requests
  • Requests carrying both Content-Length and Transfer-Encoding, or a declared Content-Length that does not match the body bytes actually received

SIEM Query:

http.method:* AND (http.content_length != calculated_length OR http.chunked_encoding:malformed)

(Pseudo-query: the field names are placeholders to be mapped onto your own log schema. Most origin access logs do not record chunk structure, so the malformed-chunking condition normally needs a WAF or reverse-proxy log source.)
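As an added example (not Akamai or vendor code) of turning the log indicators above into something that runs, the block below scans constructed origin access-log records in JSON-lines form and raises three kinds of alert: a burst of 400/413 responses from one edge IP inside a sliding window, a request path that has another request line fused into it, and a declared Content-Length that differs from the body bytes the origin actually read (the page's content_length != calculated_length condition). The record schema (ts, edge_ip, method, path, status, content_length, body_bytes), the thresholds and the sample lines are assumptions; rename the fields to match what your origin logs.

```python
# Added example, not Akamai or vendor code. The JSON record schema, the
# thresholds and SAMPLE_LOG are assumptions constructed for the demo.
import json
from collections import defaultdict, deque
from datetime import datetime, timezone

ERROR_STATUSES = {400, 413}
ERROR_BURST = 5          # this many 400/413s from one edge IP ...
WINDOW_SECONDS = 60      # ... inside this sliding window raises an alert

# Constructed sample: normal traffic, a burst of 400/413s as the origin rejects
# malformed chunked bodies, a path with a second request line fused into it,
# and a body that does not match its declared Content-Length.
SAMPLE_LOG = """\
{"ts":"2025-11-18T10:00:00Z","edge_ip":"203.0.113.10","method":"GET","path":"/","status":200,"content_length":0,"body_bytes":0}
{"ts":"2025-11-18T10:00:01Z","edge_ip":"203.0.113.10","method":"POST","path":"/api/login","status":200,"content_length":57,"body_bytes":57}
{"ts":"2025-11-18T10:00:05Z","edge_ip":"203.0.113.20","method":"POST","path":"/upload","status":400,"content_length":0,"body_bytes":0}
{"ts":"2025-11-18T10:00:06Z","edge_ip":"203.0.113.20","method":"POST","path":"/upload","status":400,"content_length":0,"body_bytes":0}
{"ts":"2025-11-18T10:00:07Z","edge_ip":"203.0.113.20","method":"POST","path":"/upload","status":413,"content_length":0,"body_bytes":0}
{"ts":"2025-11-18T10:00:08Z","edge_ip":"203.0.113.20","method":"POST","path":"/upload","status":400,"content_length":0,"body_bytes":0}
{"ts":"2025-11-18T10:00:09Z","edge_ip":"203.0.113.20","method":"POST","path":"/upload","status":400,"content_length":0,"body_bytes":0}
{"ts":"2025-11-18T10:00:20Z","edge_ip":"203.0.113.30","method":"GET","path":"/admin HTTP/1.1","status":404,"content_length":0,"body_bytes":0}
{"ts":"2025-11-18T10:00:30Z","edge_ip":"203.0.113.40","method":"POST","path":"/api/profile","status":200,"content_length":120,"body_bytes":43}
"""


def parse_ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def odd_request_line(path: str) -> bool:
    """Whitespace, control bytes or 'HTTP/' inside a path usually mean the
    origin parsed a request line that had another request fused into it."""
    return any(c.isspace() or ord(c) < 0x20 for c in path) or "HTTP/" in path


def detect(lines) -> list[tuple[str, str, str]]:
    """Return (indicator, edge_ip, ts) alerts in log order."""
    alerts = []
    recent_errors = defaultdict(deque)   # edge_ip -> timestamps of 400/413s
    burst_reported = set()
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        rec = json.loads(raw)
        ts, ip = parse_ts(rec["ts"]), rec["edge_ip"]

        if rec["status"] in ERROR_STATUSES:
            q = recent_errors[ip]
            q.append(ts)
            while (ts - q[0]).total_seconds() > WINDOW_SECONDS:
                q.popleft()                 # drop errors outside the window
            if len(q) >= ERROR_BURST and ip not in burst_reported:
                burst_reported.add(ip)      # one alert per IP per scan
                alerts.append(("error_burst", ip, rec["ts"]))

        if odd_request_line(rec["path"]):
            alerts.append(("odd_request_line", ip, rec["ts"]))

        # The page's content_length != calculated_length condition.
        declared, received = rec.get("content_length"), rec.get("body_bytes")
        if declared is not None and received is not None and declared != received:
            alerts.append(("length_mismatch", ip, rec["ts"]))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(*alert)
```

One edge IP fronts many end users, so ERROR_BURST and WINDOW_SECONDS need tuning per property against a baseline of normal 400/413 volume; the odd_request_line and length_mismatch checks are the low-noise ones and are worth alerting on individually.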

🔗 References

  • Akamai security advisory: https://www.akamai.com/blog/security/cve-2025-66373-http-request-smuggling-chunked-body-size