Building a POC for CVE-2021-40438 by Firzen A crafted requ | PT SWARM
BuildingaPOC for CVE-2021-40438
by Firzen
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. The author of the article found a way to exploit it
Contents: • The Patch • How to exploit? • How uds_path is being set? • Success • Conclusion and Remarks
Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...