HTTP Request Smuggling Vulnerability in Akamai Ghost
CVE-2025-54142

4MEDIUM

Key Information:

Vendor: Akamai
Status: Akamaighost
Vendor: CVE Published:; 29 August 2025

What is CVE-2025-54142?

The vulnerability in Akamai Ghost allows HTTP Request Smuggling through an OPTIONS request with an entity body. This issue arises due to the potential for a subsequent request to be sent within the persistent connection established between an Akamai proxy server and an origin server. If the origin server does not adhere to certain Internet standards, it creates a loophole that could be exploited by an attacker, compromising web application security.

Affected Version(s)

AkamaiGhost 0 < 2025-07-21

References

https://community.akamai.com/customers/s/feed/0D5a700000W...

https://www.akamai.com/blog/security-research/advisory-cv...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2025
Vulnerability Reserved
Jul 17, 2025