Executive Summary: HTTP Request Smuggling Vulnerability (CVE-2025-55315) in ASP.NET Core and Visual Studio Code
What Happened:
A critical security vulnerability (CVE-2025-55315) has been identified in Microsoft ASP.NET Core and Visual Studio Code. This flaw, known as HTTP Request Smuggling (CWE-444), allows attackers to bypass security features due to inconsistent interpretation of HTTP requests between different components (e.g., Kestrel server and reverse proxies).
Why It Matters:
This vulnerability has a CVSS score of 9.9 (Critical) and can lead to severe consequences, including:
Unauthorized Access: Attackers can bypass authentication and access control mechanisms, potentially logging in as other users or hijacking sessions.
Data Exposure and Manipulation: Sensitive information can be viewed, and file contents on target servers can be altered.
Internal System Compromise: Attackers can access restricted internal endpoints or services normally inaccessible from the outside.
Privilege Escalation: In multi-tenant environments, attackers could cross tenant/session boundaries.
Who is Affected by CVE-2025-55315
Applications running ASP.NET Core 10.0 (version 10.0.0-rc.1.25451.107 or earlier), ASP.NET Core 9.0 (version 9.0.9 or earlier), ASP.NET Core 8.0 (version 8.0.20 or earlier), and ASP.NET Core 2.x applications consuming Microsoft.AspNetCore.Server.Kestrel.Core version 2.3.0 or earlier.
Environments with internet-exposed Kestrel instances or inconsistently configured reverse proxies (NGINX, IIS, Azure Front Door) are at higher risk.
Immediate Actions Required to fix CVE-2025-55315(Remediation Guidance):
Patch/Update:
.NET 8+: Apply the official .NET update from Microsoft Update and restart applications/reboot.
ASP.NET Core 2.3: Update Microsoft.AspNetCore.Server.Kestrel.Core to 2.3.6, recompile, and redeploy.
Self-contained applications: Install the runtime update, recompile, and redeploy.
Prioritize: Focus patching and verification on externally reachable Kestrel instances and public APIs.
Mitigations (if patching is delayed):
Configure edge proxies/WAFs to reject ambiguous Transfer-Encoding/Content-Length combinations and normalize header parsing.
Add WAF rules to block suspicious request framing.
Deploy a defending proxy that normalizes request parsing in front of Kestrel.
The issue is where services use the Dot Net base image, that was vulnerable up to the 14th October! Services that are built upon base images such as aspnet:8.0-jammy-chiseled-extra will need rebuilding and deploying to pick up the latest base image with the patch. That makes the remediation particularly tricky as it could mean a lot of services need redeploying.
Neil Reed, Principal AppSec Engineer
Phoenix Security Recommendation:
Create a targeted remediation campaign for all affected applications.
Prioritize remediation for externally reachable assets or services handling authentication/session management.
Utilize Phoenix contextual deduplication to streamline findings.
Validate proxy and backend parsing configurations to prevent HTTP desynchronization.
Business Risk:
This vulnerability poses a high business criticality in customer-facing or multi-tenant SaaS environments, especially for web-facing applications using .NET or Visual Studio Code. It could lead to confidentiality breaches affecting regulatory controls like GDPR or SOC 2. Operational impact is moderate, requiring application restarts for remediation.
Overview of CVE-2025-55315
A security feature bypass vulnerability exists in ASP.NET Core where inconsistent interpretation of HTTP requests between components can enable an attacker to manipulate request parsing logic.
This inconsistency may permit HTTP Request Smuggling (CWE-444), allowing a malicious actor with valid access to interfere with authentication or authorization logic, bypass security controls, and potentially inject or redirect requests across internal trust boundaries.
The flaw impacts environments where Kestrel or reverse proxies process HTTP requests with differing interpretations of headers and payloads.
Why is CVE-2025-55315 potentially bad:
Microsoft evaluated this as a security feature bypass that changes scope. Kestrel parsing differences permit a hidden (smuggled) request to be delivered to application code while the gateway or front-end thinks a different logical request happened. Microsoft scores for worst-case application impact rather than the bare HTTP-parsing primitive. That approach drives the CVSS to 9.9: the vulnerability can change trust boundaries and escalate what an otherwise low-risk primitive could do when combined with vulnerable application logic.
Concrete attacker outcomes (realistic scenarios)
A successful request-smuggling attack does not have a fixed payload type — its impact depends entirely on what the target application does with the smuggled request. Examples observed or plausible:
Login-as-another-user (EOP / session confusion). A smuggled request can reuse or hijack an existing session context or cause the server to attach a different authentication token to the hidden request, allowing the attacker to act as another authenticated user.
Server-Side Request Forgery (SSRF) / internal request execution. The smuggled request can target internal-only endpoints or metadata services that are normally inaccessible from the outside.
CSRF bypass. If an application performs CSRF checks based on one request but the smuggled request is evaluated by application logic without those checks, attacker-controlled actions can succeed.
Injection or parameter pollution. Smuggled requests can carry payloads that bypass input validation or reach code paths that were not hardened against untrusted input, enabling SQL/command/in-template injections.
Cache poisoning and routing manipulation. Smuggled responses or request routing differences can poison caches or cause privileged responses to be incorrectly cached/delivered.
Privilege escalation in multi-tenant apps. In multi-tenant or multi-session environments, the smuggled request can cross tenant/session boundaries, causing data leakage or action execution in the wrong tenant context.
Why some apps are safe and others are dangerously exposed
Apps behind gateways/proxies that normalize or strip smuggled content (for example, proxies that reject inconsistent Transfer-Encoding / Content-Length combos) are protected.
Apps that perform strict per-request validation (authentication, CSRF, origin checks, token validation) at a single, centralized layer reduce the attack surface.
Apps that have ad hoc or per-request state handling (custom auth logic that reads different headers at different stages, or code that trusts raw socket-level details) are at greatest risk.
Probability & conditions that raise risk
Internet-exposed endpoints with Kestrel directly reachable or with misconfigured/transparent proxies: High priority.
APIs that accept mixed HTTP/1.0/1.1 traffic or rely on non-standard header parsing: elevated risk.
Framework-dependent deployments (relying on server runtime) where operator patching lags: higher risk than self-contained apps that can be rebuilt and redeployed quickly.
Apps that perform authentication or authorization decisions with partial request context or that accept requests from internal proxies without revalidation: high risk.
Overall exploitability remains constrained by the need for an attacker to craft smuggled requests and, often, to have at least some access (valid session or ability to send network traffic). But where those conditions exist — especially with internet-exposed Kestrel or inconsistent proxy stacks — the potential impact is severe.
CVE-2025-55315 Technical Summary
Field
Detail
Vendor
Microsoft
Product
ASP.NET Core
Component
HTTP Request Parsing / Kestrel Server
Weakness (CWE)
444 — Inconsistent Interpretation of HTTP Requests
The vulnerability arises from inconsistent parsing and interpretation of HTTP requests between the ASP.NET Core runtime and underlying HTTP server components.
An attacker leveraging malformed HTTP requests can trigger request smuggling, where the front-end and back-end servers process different logical requests, enabling the bypass of certain security features such as input validation, request filtering, or authentication checks.
Impact
A successful exploitation could enable an authorized attacker to:
Bypass authentication or access control mechanisms.
Manipulate or replay HTTP requests within the same session context.
Access restricted endpoints or alter response behavior.
In specific configurations, poison intermediary caches or route unauthorized traffic internally.
While exploitation requires valid credentials or access to an authenticated session, the impact on confidentiality and integrity is high, especially in environments processing sensitive or regulated data.
Exploitation Probability
Reachability: Limited to authenticated users with network access.
Complexity: Low (crafted HTTP requests).
Exploit Availability: None public.
Phoenix Exploitability Rating: Critical to High on exposed system, Medium to Low probability on other systems
Phoenix Contextual Assessment:
If the application is internet-facing, or reverse proxies (e.g., NGINX, IIS, or Azure Front Door) are inconsistently configured, the probability of exploitability increases.
Within internal services or microservice architectures, risk depends on parsing behavior alignment across layers.
Whilst Bypass has a medium to low probability of exploitation, Input validation has a High probability of ransomware and exploitation
Moreover, being an HTTP-based request, and when in NGINX, IIS, or other web-facing applications, the priority of this vulnerability should be raised
• Download / Package update: NuGet package index for Kestrel core (reference to package family). (Use NuGet to fetch Microsoft.AspNetCore.Server.Kestrel.Core and update to 2.3.6). 
• The Microsoft Update Catalog entries above are the official packaged updates for Visual Studio — they list the security update packages (search results summarized). Use the Catalog entry pages to download update packages for offline deployment. 
• For ASP.NET Core, use the .NET download pages (links above) to get the ASP.NET Core Runtime/Hosting bundles or SDKs appropriate to your OS and deployment model (framework-dependent vs self-contained). 
Get on top of your code and container vulnerabilities with Phoenix Security Actionable ASPM
Organizations often face an overwhelming volume of security alerts, including false positives and duplicate vulnerabilities, which can distract from real threats. Traditional tools may overwhelm engineers with lengthy, misaligned lists that fail to reflect business objectives or the risk tolerance of product owners.
Phoenix Security offers a transformative solution through its Actionable Application Security Posture Management (ASPM), powered by AI-based Contextual Quantitative analysis. This innovative approach correlates runtime data with code analysis to deliver a single, prioritized list of vulnerabilities. This list is tailored to the specific needs of engineering teams and aligns with executive goals, reducing noise and focusing efforts on the most critical issues. Why do people talk about Phoenix
• Automated Triage: Phoenix streamlines the triage process using a customizable 4D risk formula, ensuring critical vulnerabilities are addressed promptly by the right teams.
• Contextual Deduplication: Utilizing canary token-based traceability, Phoenix accurately deduplicates and tracks vulnerabilities within application code and deployment environments, allowing teams to concentrate on genuine threats.
• Actionable Threat Intelligence: Phoenix provides real-time insights into vulnerabilities’ exploitability, combining runtime threat intelligence with application security data for precise risk mitigation.
By leveraging Phoenix Security, you not only unravel the potential threats but also take a significant stride in vulnerability management, ensuring your application security remains up to date and focuses on the key vulnerabilities.
Get in control of your Application Security posture and Vulnerability management
Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.
Francesco is an internationally renowned public speaker, with multiple interviews in high-profile publications (eg. Forbes), and an author of numerous books and articles, who utilises his platform to evangelize the importance of Cloud security and cutting-edge technologies on a global scale.
Phoenix Security has completed its SOC 2 Type 2 report, reinforcing our ISO 27001 and data privacy commitments. Our Actionable ASPM helps teams cut noise and ship fixes that matter, powered by reachability analysis, contextual deduplication, and human-aligned AI agents. Customers like ClearBank, Bazaarvoice, and Integral Ad Science report double-digit reductions in criticals and massive time savings. If you need verifiable trust and faster remediation across code-to-cloud, Phoenix Security turns risk data into a single, prioritized backlog that engineering actually executes.
Most enterprises drown in vulnerability data yet starve for attribution. By mapping ownership, location, exposure, and business impact, Phoenix Security’s ASPM turns that swamp into a laser‑focused task list. Only then do three autonomous agents—Researcher, Analyzer, and Remediator—kick in, collaborating to recommend fixes and workflow automation that 10× security‑engineering output. Skip the context and you’ll waste money, requests, tokens, carbon, and human patience on hallucinated advice.
For startups, the focus is clear—establish visibility and ensure core security practices are in place. Application Security Posture Management (ASPM) tools provide a straightforward, automated approach to detecting vulnerabilities and enforcing policies. These solutions help reduce risk quickly without overburdening small security teams.
Mature organizations, on the other hand, are tackling a different set of problems. With the sheer number of vulnerabilities and an increasingly complicated threat landscape, enterprises need to fine-tune their approach. The goal shifts toward intelligent remediation, leveraging real-time threat intelligence and advanced risk prioritization. ASPM tools at this stage do more than just detect vulnerabilities—they provide context, enable proactive decision-making, and streamline the entire remediation process.
The emergence of AI-assisted code generation has further complicated security in both environments. These tools, while speeding up development, are often responsible for introducing new vulnerabilities into applications at a faster pace than traditional methods. The challenge is clear: AI-generated code can hide flaws that are difficult to catch in the rush of innovation. Both startups and enterprises need to adjust their security posture to account for these new risks. ASPM platforms, like Phoenix Security, provide automated scanning of code before it hits production, ensuring that flaws don’t make it past the first line of defense.
Meanwhile, organizations are also grappling with the backlog crisis in the National Vulnerability Database (NVD). A staggering number of CVEs remain unprocessed, leaving many businesses with limited data on which to base their patching decisions. While these delays leave companies vulnerable, Phoenix Security steps in by cross-referencing CVE data with known exploits and live threat intelligence, helping organizations stay ahead despite the lag in official vulnerability reporting.
Whether just starting their security program or managing a complex infrastructure, organizations need a toolset that adapts with them. Phoenix Security enables businesses of any size to prioritize vulnerabilities based on actual risk, not just theoretical impact, helping security teams navigate the evolving threat landscape with speed and accuracy.
Shai Hulud weaponised npm’s trust model: stolen maintainer creds, poisoned tarballs, and stealthy GitHub Actions that exfiltrate secrets and persist in CI. 500+ packages were touched in days, starting with @ctrl/tinycolor. This analysis maps the blast radius and delivers a practical remediation plan—pin versions, block direct npm with a proxy, rotate tokens, and strip backdoor workflows—grounded in ASPM and reachability.
Phoenix Security is redefining ASPM vulnerability management with ownership attribution, AI-driven remediation, and contextual noise reduction. Recognized as a Major Player in the IDC MarketScape, the platform connects DevSecOps, code-to-cloud security, and measurable business impact.
A coordinated npm compromise hit @ctrl/tinycolor and dozens of related packages. The payload auto-trojanizes maintainers’ projects, scans for GitHub/NPM/cloud creds using TruffleHog, plants a backdoor GitHub Actions workflow, and exfiltrates to a webhook. This piece breaks down the attack chain and lays out decisive DevSecOps and ASPM actions to contain and harden.
Derek Fisher – Head of product security at a global fintech. Speaker, instructor, and author in application security.
Derek is an award winning author of a children’s book series in cybersecurity as well as the author of “The Application Security Handbook.” He is a university instructor at Temple University where he teaches software development security to undergraduate and graduate students. He is a speaker on topics in the cybersecurity space and has led teams, large and small, at organizations in the healthcare and financial industries. He has built and matured information security teams as well as implemented organizational information security strategies to reduce the organizations risk.
Derek got his start in the hardware engineering space where he learned about designing circuits and building assemblies for commercial and military applications. He later pursued a computer science degree in order to advance a career in software development. This is where Derek was introduced to cybersecurity and soon caught the bug. He found a mentor to help him grow in cybersecurity and then pursued a graduate degree in the subject.
Since then Derek has worked in the product security space as an architect and leader. He has led teams to deliver more secure software in organizations from multiple industries. His focus has been to raise the security awareness of the engineering organization while maintaining a practice of secure code development, delivery, and operations.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.
Jeevan Singh is the Director of Security Engineering at Rippling, with a background spanning various Engineering and Security leadership roles over the course of his career. He’s dedicated to the integration of security practices into software development, working to create a security-aware culture within organizations and imparting security best practices to the team. In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.
James Berthoty has over ten years of experience across product and security domains. He founded Latio Tech to help companies find the right security tools for their needs without vendor bias.
Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.
Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. Jim is also the founder of Brakeman Security, Inc. and an investor/advisor for Signal Sciences. He is the author of Iron-Clad Java: Building Secure Web Applications (McGraw-Hill), a frequent speaker on secure software practices, and a member of the JavaOne Rockstar speaker community. Jim is also a volunteer for and former board member of the OWASP foundation.
Join our Mailing list!
Get all the latest news, exclusive deals, and feature updates.
