VDB
GHSA-6hc3-539h-6xc6
GHSA-6hc3-539h-6xc6
PUBLISHED
Exploit Intelligence
- SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request Smuggling vulnerability in SAP NetWeaver. It demonstrates how to bypass ACLs by desynchronizing request parsing between ICM and backend services using crafted Content-Length-based payloads. (github-poc-repo)
- SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request Smuggling vulnerability in SAP NetWeaver. It demonstrates how to bypass ACLs by desynchronizing request parsing between ICM and backend services using crafted Content-Length-based payloads. (github-poc-repo)
- Fast, socket-level scanner for detecting CVE-2022-22536 in SAP ICM or Web Dispatcher instances. Performs request smuggling tests with a crafted MPI-desync payload. Supports batch scanning IP:PORT targets via plain text files. (github-poc-repo)
- Fast, socket-level scanner for detecting CVE-2022-22536 in SAP ICM or Web Dispatcher instances. Performs request smuggling tests with a crafted MPI-desync payload. Supports batch scanning IP:PORT targets via plain text files. (github-poc-repo)
- Fast, socket-level scanner for detecting CVE-2022-22536 in SAP ICM or Web Dispatcher instances. Performs request smuggling tests with a crafted MPI-desync payload. Supports batch scanning IP:PORT targets via plain text files. (github-poc)
- Fast, socket-level scanner for detecting CVE-2022-22536 in SAP ICM or Web Dispatcher instances. Performs request smuggling tests with a crafted MPI-desync payload. Supports batch scanning IP:PORT targets via plain text files. (github-poc)
- SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request Smuggling vulnerability in SAP NetWeaver. It demonstrates how to bypass ACLs by desynchronizing request parsing between ICM and backend services using crafted Content-Length-based payloads. (github-poc)
- SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request Smuggling vulnerability in SAP NetWeaver. It demonstrates how to bypass ACLs by desynchronizing request parsing between ICM and backend services using crafted Content-Length-based payloads. (github-poc)
- tess-ss/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536 (github-poc)
- tess-ss/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536 (github-poc)
…and 12 more exploits
Timeline
- CVE Published
- Apr 9, 2026 Security Advisory