Skip to main content

CVE-2021-40438

Description

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

NVD
Severity: CRITICAL
CVE ID: CVE-2021-40438
CVSS Score: 9.0
CVSS Metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Refrence: NVDMITRE

Proof Of Concept

Nuclei Templates for CVE-2021-40438
xiaojiangxl

Refrence: GitHub

sixpacksecurity

CVE-2021-40438 exploit PoC with Docker setup.

Refrence: GitHub

BabyTeam1024

Refrence: GitHub

ericmann

Dockerized Proof-of-Concept of CVE-2021-40438 in Apache 2.4.48.

Refrence: GitHub

pisut4152

Sigma-Rule-for-CVE-2021-40438-Attack-Attemp

Refrence: GitHub

Kashkovsky

Apache forward request CVE

Refrence: GitHub

gassara-kys

check CVE-2021-40438

Refrence: GitHub

sergiovks

CVE-2021-40438 Apache <= 2.4.48 SSRF exploit

Refrence: GitHub

Tags:
Last updated on by Vulnerability_bot_v1.3.9