# Request smuggling

### What is request smuggling?

HTTP request smuggling is a technique for interfering with the way a website processes sequences of HTTP requests received from one or more users. It arises when the front-end and back-end servers disagree on where one request ends and the next begins. Request smuggling vulnerabilities are often critical in nature, allowing an attacker to bypass security controls, gain unauthorized access to sensitive data, and directly compromise other application users.

## Basic CL.TE vulnerability

#### Check using the <mark style="color:red;">Timeout</mark> method

> **Frontend:** CL (Content-Length)
>
> **Backend:** TE (Transfer-Encoding)

1. Change the request attributes from HTTP/2 to HTTP/1 and the method from GET to POST. Add the Content-Length header and the payload as shown below. Make sure "***Update Content-Length***" is disabled in Repeater, otherwise Burp silently rewrites the header and the check no longer exercises the CL/TE disagreement.

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2FmHzuG1Huzgvyh4uZNcDr%2Fimage.png?alt=media&#x26;token=4d8ef76e-7be3-40ad-b86d-d0328306f3a4" alt=""><figcaption><p>Burp Repeater > Inspector > Request attributes</p></figcaption></figure>

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2FoFJ1iovXqV9knkyWK1NC%2Fimage.png?alt=media&#x26;token=0b3a802d-0ad9-4fe9-a1e4-5a28383a5dda" alt=""><figcaption></figcaption></figure>

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2Fy0kUGZ5v82XSIqaiNaOV%2Fimage.png?alt=media&#x26;token=c7f06674-251a-4877-99d8-07b497e25b5c" alt=""><figcaption></figcaption></figure>

## Basic TE.CL vulnerability

#### Check using the <mark style="color:red;">Timeout</mark> method

> **Frontend:** TE (Transfer-Encoding)
>
> **Backend:** CL (Content-Length)

1. Change the request attributes from HTTP/2 to HTTP/1 and the method from GET to POST. Add the Content-Length header and the payload as shown below. Make sure "***Update Content-Length***" is disabled in Repeater, otherwise Burp silently rewrites the header and the check no longer exercises the TE/CL disagreement.

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2FHi4jSmr9bEgGyNrzDIa8%2Fimage.png?alt=media&#x26;token=258d9494-bc59-44e8-8d6f-e65bf49c1b3f" alt=""><figcaption><p>Burp Repeater > Inspector > Request attributes</p></figcaption></figure>

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2FcpvBEpJy0EpA3AybaG37%2Fimage.png?alt=media&#x26;token=14e2e05c-cfc3-432c-9d89-561661a47052" alt=""><figcaption></figcaption></figure>

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2FQ9mRSJZu0vHGtTmBTZiv%2Fimage.png?alt=media&#x26;token=173dd44a-25f2-42ae-9fcb-92cfb22cb352" alt=""><figcaption></figcaption></figure>

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2FxPMSwFzW8ByZb1VEzcnC%2Fimage.png?alt=media&#x26;token=60bbfc11-e851-4aad-8ffb-6ede054c6815" alt=""><figcaption></figcaption></figure>

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2FtCUm2vJ7ThOuAriud4SU%2Fimage.png?alt=media&#x26;token=01155655-aab1-4fbd-a70a-c0c2b1f4c1b1" alt=""><figcaption></figcaption></figure>

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2Fkltbil6g2rLAhVq0FJJC%2Fimage.png?alt=media&#x26;token=1c56b7e3-2928-4814-aeb2-f3aad323ee14" alt=""><figcaption></figcaption></figure>

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2FZLITcTjbfCi97OSznnSl%2Fimage.png?alt=media&#x26;token=f5fead62-68c8-4a39-b911-5d9bf09d5071" alt=""><figcaption></figcaption></figure>

<figure><img src="https://851323342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FolGZmSV9EYkU0MXXM4LC%2Fuploads%2F8Vm0wy3BGhZCkERBvPnc%2Fimage.png?alt=media&#x26;token=d2ae3ae5-acf4-46d5-be73-7919d0446544" alt=""><figcaption></figcaption></figure>
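The framing disagreement behind both the CL.TE and TE.CL checks above, as an added Python example that is not part of the original page: a Content-Length parser and a chunked parser consume different amounts of one constructed request, and `framing_is_ambiguous` is the check a front-end should apply before forwarding. Function names and both sample requests are assumptions made for this example.

```python
# Added example, not part of the original page: how a Content-Length parser and
# a Transfer-Encoding parser frame the same request differently (the root cause
# of CL.TE / TE.CL desync), plus the check a front-end should apply.
# Both sample requests are constructed for this example.

def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (start_line, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers = [(n.strip().lower(), v.strip())
               for n, _, v in (l.partition(b":") for l in lines[1:])]
    return lines[0], headers, body

def cl_frame(headers, body):
    """CL parser: the body is exactly Content-Length bytes; the rest of the
    stream is treated as the start of the next request."""
    cl = int(next(v for n, v in headers if n == b"content-length"))
    return body[:cl], cl

def te_frame(body):
    """TE parser: decode chunks until the zero-size chunk and return
    (decoded_body, bytes_consumed); anything after that is the next request."""
    out, pos = b"", 0
    while True:
        line_end = body.index(b"\r\n", pos)
        size = int(body[pos:line_end].split(b";")[0], 16)  # ignore extensions
        pos = line_end + 2
        if size == 0:
            return out, pos + 2  # skip the empty trailer line
        out += body[pos:pos + size]
        pos += size + 2          # chunk data plus its CRLF

def framing_is_ambiguous(headers):
    """RFC 7230 s3.3.3: Content-Length together with Transfer-Encoding, or a
    Transfer-Encoding value other than plain 'chunked', must not be trusted.
    A front-end should reject such requests (or strip Content-Length and
    forward only the chunked framing) so both hops agree on the boundary."""
    has_cl = any(n == b"content-length" for n, _ in headers)
    te = [v.lower() for n, v in headers if n == b"transfer-encoding"]
    return (has_cl and bool(te)) or any(v != b"chunked" for v in te)

# Constructed CL.TE-style request: CL says 6 body bytes, chunked says 5.
AMBIGUOUS = (b"POST / HTTP/1.1\r\nHost: example.test\r\nContent-Length: 6\r\n"
             b"Transfer-Encoding: chunked\r\n\r\n0\r\n\r\nG")
CLEAN = b"POST / HTTP/1.1\r\nHost: example.test\r\nContent-Length: 2\r\n\r\nab"

if __name__ == "__main__":
    _, hdrs, body = parse_request(AMBIGUOUS)
    print("ambiguous:", framing_is_ambiguous(hdrs))        # True
    print("CL consumes", cl_frame(hdrs, body)[1], "bytes")  # 6
    print("TE consumes", te_frame(body)[1], "bytes")        # 5 -> b'G' left over
```

The one byte left unconsumed by the chunked parser is what the back-end prepends to the next request on the same connection; rejecting or normalising ambiguous framing at the front-end removes that gap.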
