CVE-2026-28369 — ThreaTel

THREATEL Threat Intel

v0.1

CVE-2026-28369

HIGH 8.7

Published

2026-03-27

Last Modified

2026-03-31

Affected Apps

19

Affected Devices

57

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform request smuggling. Request smuggling allows an attacker to bypass security mechanisms, access restricted information, or manipulate web caches, potentially leading to unauthorized actions or data exposure.

Affected Applications in Environment 19

Platform v17,38,0,0

Platform v17,17,0,0

Platform v17,15,0,0

Platform v3.1.119.0

Platform v3.1.116.0

Platform v3.1.120.0

Platform v17,24,0,0

fuse v2.9.9-17.el9

fuse v2.9.2-4ubuntu4.14.04.1

fuse v2.9.7-19.el8

fuse v2.9.7-1ubuntu1

fuse v2.9.4-1ubuntu3.1

fuse v2.9.4-1ubuntu3.1+esm1

fuse v2.9.9-17.el9

fuse v2.9.7-19.0.1.el8

fuse v2.9.9-17.el9

fuse v2.9.7-16.el8

fuse v2.9.2-11.el7

fuse v2.9.9-17.el9

Affected Devices 57

ARSUTLGU4000052 Windows DESKTOP-6US3N85 Windows DESKTOP-7IU23EB Windows DPEXAN-5CD017CV Windows DPHSNG-34Y86X3 Windows DPMATH-C11312G9 Windows FL217-2-ADOTTER Windows MICHELLEUSUHP Windows atc.db.usu.edu Linux chela03 Linux chela04 Linux chela05 Linux cleanaddressdev.banner.usu.edu Linux devjobsub.banner.usu.edu Linux dpapsb-161390.aggies.usu.edu Linux dpapsb-191594.mypc.usu.edu Linux el103-02.ece.usu.edu Linux el103-03.ece.usu.edu Linux el103-04.ece.usu.edu Linux el103-05.ece.usu.edu Linux el103-07.ece.usu.edu Linux el103-08.ece.usu.edu Linux el103-09.ece.usu.edu Linux el103-10.ece.usu.edu Linux el103-14.ece.usu.edu Linux el103-15.ece.usu.edu Linux el103-16.ece.usu.edu Linux el103-17.ece.usu.edu Linux el103-18.ece.usu.edu Linux el103-19.ece.usu.edu Linux el103-20.ece.usu.edu Linux el120-01.ece.usu.edu Linux el120-02.ece.usu.edu Linux el120-03.ece.usu.edu Linux el120-04.ece.usu.edu Linux el120-05.ece.usu.edu Linux el120-06.ece.usu.edu Linux el120-08.ece.usu.edu Linux el120-09.ece.usu.edu Linux el120-10.ece.usu.edu Linux el120-11.ece.usu.edu Linux el120-12.ece.usu.edu Linux el120-14.ece.usu.edu Linux eprocdev.banner.usu.edu Linux facreadyprod.pplant.usu.edu Linux facreadytestrhel.pplant.usu.edu Linux facshibsp2.pplant.usu.edu Linux guru.cluster Linux hotcheeto Linux my2 Linux oms.db.usu.edu Linux paymentworksdev.banner.usu.edu Linux web04a Linux web05 Linux web21 Linux web22 Linux zldtst.db.usu.edu Linux

References 2