BlackSheep, White Noise: Breaking the HTTP Client with CRLF Injection
Vulnerability ID: CVE-2026-22779
CVSS Score: 6.3
Published: 2026-01-14
A deep dive into how the BlackSheep Python web framework's HTTP client failed to sanitize input, allowing attackers to inject headers and split requests via classic CRLF injection.
TL;DR
BlackSheep's ClientSession trusted user input a little too much. By failing to strip Carriage Return and Line Feed characters from headers and URLs, the framework allowed attackers to rewrite HTTP requests on the wire. This could lead to Header Injection, Request Splitting, and general protocol anarchy.
⚠️ Exploit Status: POC
Technical Details
- CWE ID: CWE-113 (CRLF Injection)
- CVSS v4.0: 6.3 (Medium)
- Attack Vector: Network
- Vendor: Neoteroi
- Fix Commit: bd4ecb9542b5d52442276b5a6907931b90f38d12
- Exploit Status: PoC Available / Logic Flaw
Affected Systems
- BlackSheep Web Framework (Python)
- Applications using BlackSheep.ClientSession
- Microservices relying on BlackSheep for HTTP proxying
- BlackSheep: < 2.4.6 (Fixed in: 2.4.6)
Code Analysis
Commit: bd4ecb9
Enforce validation of HTTP methods and sanitation of headers/URLs to prevent CRLF injection.
+ def _nocrlf(value: bytes) -> bytes:
+ return value.replace(b"\r", b"").replace(b"\n", b"")
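Review bot: `_nocrlf` silently strips CR and LF instead of rejecting the value, so a caller whose header or URL is altered never finds out; raising `ValueError` when the stripped result differs from the input (or at least logging the event) would fail closed and make injection attempts visible. The hunk also shows only the helper: the HTTP-method validation the commit message promises and the call sites where `_nocrlf` is applied to headers and URLs are not visible here, so a test covering method, header and URL inputs would confirm the whole change.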
Exploit Details
- Internal Research: Proof of concept involves passing a newline character in a header value to a ClientSession request.
Mitigation Strategies
- Update BlackSheep to version 2.4.6 or later immediately.
- Implement input validation for all data passed to HTTP headers.
- Use WAF rules to detect CRLF sequences (%0D%0A) in incoming request parameters.
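The validation recommended above, as an added example (not BlackSheep's own code): a strict mode that rejects any CR/LF-tainted field before it is serialised, a lenient mode that strips CR/LF the way the `_nocrlf` helper in the fix does, and a detector that also recognises the percent-encoded %0D/%0A form a WAF rule would flag on inbound parameters. Names, the sample headers and the RFC 9110 token check are this example's own assumptions.

```python
import re
from typing import Dict

# Raw CR/LF must never reach the wire inside a method, path, header name or value.
_CRLF_RE = re.compile(rb"[\r\n]")
# Percent-encoded CR/LF (%0D / %0A, any case): the form a WAF rule on inbound
# parameters looks for before a proxy decodes it into an outbound header.
_ENCODED_CRLF_RE = re.compile(rb"%0[dD]|%0[aA]")
# RFC 9110 "token" characters, the only ones allowed in an HTTP method.
_TOKEN_RE = re.compile(rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")


def nocrlf(value: bytes) -> bytes:
    """Lenient sanitiser: silently drop CR and LF (same idea as the 2.4.6 fix)."""
    return value.replace(b"\r", b"").replace(b"\n", b"")


def contains_crlf(value: bytes, check_encoded: bool = False) -> bool:
    """True if value carries a raw CR/LF, or (optionally) the %0D/%0A encoding."""
    if _CRLF_RE.search(value):
        return True
    return check_encoded and _ENCODED_CRLF_RE.search(value) is not None


def build_request(method: bytes, path: bytes, headers: Dict[bytes, bytes],
                  strict: bool = True) -> bytes:
    """Serialise a request line plus headers (constructed example, not a client).

    strict=True  rejects any field containing CR/LF, so the caller finds out.
    strict=False strips CR/LF like nocrlf(), so a tainted value can no longer
                 terminate its header line and start a new one.
    """
    if not _TOKEN_RE.fullmatch(method):          # "GET\r\n" is not a method
        raise ValueError("invalid HTTP method: %r" % method)
    fields = [path] + [b for kv in headers.items() for b in kv]
    if strict:
        tainted = [f for f in fields if contains_crlf(f)]
        if tainted:
            raise ValueError("CR/LF in request field(s): %r" % tainted)
    clean = (lambda b: b) if strict else nocrlf
    lines = [b"%s %s HTTP/1.1" % (method, clean(path))]
    lines += [b"%s: %s" % (clean(k), clean(v)) for k, v in headers.items()]
    return b"\r\n".join(lines) + b"\r\n\r\n"


if __name__ == "__main__":
    # Constructed sample: a header value carrying an embedded CRLF.
    hdrs = {b"Host": b"example.test", b"X-Trace": b"abc\r\nX-Injected: 1"}
    print(build_request(b"GET", b"/ok", hdrs, strict=False))
```

In lenient mode the tainted value collapses into a single `X-Trace` line, so the request stays exactly one line per header; in strict mode the same input is refused before anything is built.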
Remediation Steps:
- Identify all services using blacksheep < 2.4.6.
- Run pip install --upgrade blacksheep.
- Verify the installed version is 2.4.6+.
- Restart the application services.
References
Read the full report for CVE-2026-22779 on our website for more details including interactive diagrams and full exploit analysis.