PT-2025-48787 · Akamai · Akamai
Published: 2025-12-02 · Updated: 2025-12-08 · CVE-2025-66373
CVSS v3.1: 4.8 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Akamai (affected versions not specified)
Description
A flaw exists in Akamai that allows HTTP request smuggling due to an invalid chunked body size. The issue, a discrepancy between the chunk size and the chunk data, enabled smuggled requests to be forwarded directly to the origin server. Such traffic was silently forwarded for approximately two months before the issue was addressed on November 17th. Malicious actors could use it to inject requests into the HTTP traffic stream, potentially compromising the security of web applications and backend systems.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
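An origin-side check for the chunk-size/chunk-data discrepancy named in the description, as an added example that is not part of this advisory and not Akamai's code. It assumes strict RFC 9112 chunked framing; the function name, the 8-digit size cap and the sample bodies are constructed for illustration.

```python
import re

# chunk-size is 1*HEXDIG (RFC 9112 section 7.1): no sign, "0x" prefix or
# whitespace. The 8-digit cap is an assumed local limit, not from the advisory.
_HEX = re.compile(rb"[0-9A-Fa-f]{1,8}")

# Constructed sample bodies (not taken from the advisory).
GOOD = b"5\r\nhello\r\n0\r\n\r\n"
BAD = b"5\r\nhello world\r\n0\r\n\r\n"  # declares 5 bytes, carries 11


class ChunkFramingError(ValueError):
    """Raised when a chunked body's framing is not exact."""


def validate_chunked_body(buf: bytes) -> int:
    """Return the offset just past the chunked body, or raise.

    Bytes after the returned offset belong to the next message, so the
    caller sees exactly where this parser ends the request.
    """
    pos = 0
    while True:
        eol = buf.find(b"\r\n", pos)
        if eol < 0:
            raise ChunkFramingError("chunk-size line not terminated by CRLF")
        # Extensions after ';' are skipped; the size field itself stays strict.
        size_field = buf[pos:eol].split(b";", 1)[0]
        if not _HEX.fullmatch(size_field):
            raise ChunkFramingError(f"invalid chunk size {size_field!r}")
        size = int(size_field, 16)
        pos = eol + 2
        if size == 0:
            break
        data_end = pos + size
        if data_end + 2 > len(buf):
            raise ChunkFramingError("chunk data shorter than declared size")
        # The declared size must land exactly on the CRLF closing the chunk.
        if buf[data_end:data_end + 2] != b"\r\n":
            raise ChunkFramingError("chunk size does not match chunk data")
        pos = data_end + 2
    # After the last chunk: skip trailer fields up to the terminating blank line.
    while True:
        eol = buf.find(b"\r\n", pos)
        if eol < 0:
            raise ChunkFramingError("trailer section not terminated")
        if eol == pos:
            return eol + 2
        pos = eol + 2
```

Rejecting the message (and closing the connection) on `ChunkFramingError`, rather than trying to resynchronise, keeps the origin from interpreting leftover bytes as a second request.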
HTTP Request/Response Smuggling
Weakness Enumeration
Related Identifiers
Affected Products
Akamai