CVE-2026-28368 — ThreaTel

THREATEL Threat Intel

v0.1

CVE-2026-28368

HIGH 8.7

Published

2026-03-27

Last Modified

2026-03-31

Affected Apps

19

Affected Devices

57

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unauthorized resources.

Affected Applications in Environment 19

Platform v17,38,0,0

Platform v17,17,0,0

Platform v17,15,0,0

Platform v3.1.119.0

Platform v3.1.116.0

Platform v3.1.120.0

Platform v17,24,0,0

fuse v2.9.9-17.el9

fuse v2.9.2-4ubuntu4.14.04.1

fuse v2.9.7-19.el8

fuse v2.9.7-1ubuntu1

fuse v2.9.4-1ubuntu3.1

fuse v2.9.4-1ubuntu3.1+esm1

fuse v2.9.9-17.el9

fuse v2.9.7-19.0.1.el8

fuse v2.9.9-17.el9

fuse v2.9.7-16.el8

fuse v2.9.2-11.el7

fuse v2.9.9-17.el9

Affected Devices 57

ARSUTLGU4000052 Windows DESKTOP-6US3N85 Windows DESKTOP-7IU23EB Windows DPEXAN-5CD017CV Windows DPHSNG-34Y86X3 Windows DPMATH-C11312G9 Windows FL217-2-ADOTTER Windows MICHELLEUSUHP Windows atc.db.usu.edu Linux chela03 Linux chela04 Linux chela05 Linux cleanaddressdev.banner.usu.edu Linux devjobsub.banner.usu.edu Linux dpapsb-161390.aggies.usu.edu Linux dpapsb-191594.mypc.usu.edu Linux el103-02.ece.usu.edu Linux el103-03.ece.usu.edu Linux el103-04.ece.usu.edu Linux el103-05.ece.usu.edu Linux el103-07.ece.usu.edu Linux el103-08.ece.usu.edu Linux el103-09.ece.usu.edu Linux el103-10.ece.usu.edu Linux el103-14.ece.usu.edu Linux el103-15.ece.usu.edu Linux el103-16.ece.usu.edu Linux el103-17.ece.usu.edu Linux el103-18.ece.usu.edu Linux el103-19.ece.usu.edu Linux el103-20.ece.usu.edu Linux el120-01.ece.usu.edu Linux el120-02.ece.usu.edu Linux el120-03.ece.usu.edu Linux el120-04.ece.usu.edu Linux el120-05.ece.usu.edu Linux el120-06.ece.usu.edu Linux el120-08.ece.usu.edu Linux el120-09.ece.usu.edu Linux el120-10.ece.usu.edu Linux el120-11.ece.usu.edu Linux el120-12.ece.usu.edu Linux el120-14.ece.usu.edu Linux eprocdev.banner.usu.edu Linux facreadyprod.pplant.usu.edu Linux facreadytestrhel.pplant.usu.edu Linux facshibsp2.pplant.usu.edu Linux guru.cluster Linux hotcheeto Linux my2 Linux oms.db.usu.edu Linux paymentworksdev.banner.usu.edu Linux web04a Linux web05 Linux web21 Linux web22 Linux zldtst.db.usu.edu Linux

References 2