Building a POC for CVE-2021-40438 by Firzen A crafted requ | PT SWARM

Building a POC for CVE-2021-40438

by Firzen

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. The author of the article found a way to exploit it

Contents:
• The Patch
• How to exploit?
• How uds_path is being set?
• Success
• Conclusion and Remarks

https://firzen.de/building-a-poc-for-cve-2021-40438

PT SWARM

🙋 2.98K
Technologies

Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...

Join
▲ Vote (1)

Building a POC for CVE-2021-40438 by Firzen A crafted requ | PT SWARM

Login