CVE-2025-66373 is a vulnerability in Akamai Ghost, a component running on Akamai CDN edge servers, that mishandles HTTP chunked transfer encoding. Specifically, when Akamai Ghost receives an HTTP request with a chunked body where the declared chunk size differs from the actual size of the chunk data, it incorrectly forwards the malformed request along with additional superfluous bytes to the origin server. This behavior can be exploited for HTTP request smuggling (CWE-444), where an attacker crafts a request that is interpreted differently by the CDN and the origin server, allowing the attacker to inject hidden or smuggled requests. The success of such an attack depends on the origin server's parsing logic and its tolerance for malformed chunked requests. The vulnerability has a CVSS v3.1 base score of 4.8, indicating medium severity, with network attack vector, high attack complexity, no privileges required, no user interaction, and impacts on confidentiality and integrity but not availability. No public exploits are known yet, and no patches have been linked, suggesting that mitigation currently relies on monitoring and configuration hardening. The vulnerability was published on December 4, 2025, and affects versions of Akamai Ghost prior to November 17, 2025.

For European organizations relying on Akamai CDN services, this vulnerability could allow attackers to perform HTTP request smuggling attacks, potentially bypassing security controls, injecting unauthorized requests, or manipulating web traffic confidentiality and integrity. This could lead to session hijacking, cache poisoning, web application firewall bypass, or unauthorized access to sensitive data. The impact is particularly concerning for organizations handling sensitive or regulated data, such as financial institutions, healthcare providers, and government agencies. However, the actual impact depends on the origin server's behavior and its ability to handle malformed chunked requests securely. Since the vulnerability does not affect availability directly and requires high attack complexity, the risk is moderate but should not be underestimated given the widespread use of Akamai CDN in Europe.

1. Monitor Akamai's official advisories and apply patches or updates to Akamai Ghost as soon as they become available to address this vulnerability. 2. Review and harden origin server configurations to reject or safely handle malformed chunked HTTP requests, minimizing the risk of request smuggling. 3. Implement strict input validation and HTTP request parsing on origin servers to detect and block suspicious chunked transfer encoding anomalies. 4. Employ Web Application Firewalls (WAFs) with updated rules capable of detecting HTTP request smuggling attempts. 5. Conduct regular security assessments and penetration testing focusing on HTTP request smuggling scenarios to identify potential weaknesses. 6. Consider deploying additional monitoring and anomaly detection on CDN traffic to identify unusual request patterns indicative of exploitation attempts. 7. Coordinate with Akamai support to understand any interim mitigations or configuration changes that can reduce exposure before patches are applied.