Apache HTTPd newline resolution vulnerability CVE-2017-15715

Vulnerability Description

Apache HTTPd is an HTTP server that can run PHP web pages through mod_php.

Vulnerability Impact

Apache HTTPd versions 2.4.0 to 2.4.29

Network surveying and mapping

server="Apache/2.4.49"

Vulnerability reproduction

Uploading a malicious file directly is blocked

Modify the following parameters

The response is 200; the upload check was successfully bypassed

Visiting https://xxx.xxx.xxx.xxx:8080/evil.php successfully triggered the parsing vulnerability
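
The published description of CVE-2017-15715 is that `$` in a `<FilesMatch>` expression could match before a trailing newline in the filename instead of only at its very end. The following is an added example, not code from the original post: the blocklist, the allowlist pattern and the log lines are constructed, and Python's `$` is used because it has the same trailing-newline behaviour. It shows why a suffix blocklist accepts such a name, an allowlist check that rejects it, and a check for the resulting requests in an access log.

```python
import re

# Same style of pattern that maps files to the PHP handler.
# `$` also matches just before a trailing "\n" (the behaviour behind the CVE).
HANDLER_RE = re.compile(r"\.php$")

BLOCKED_EXT = {"php", "php5", "phtml"}  # constructed blocklist for this example


def naive_upload_check(name: str) -> bool:
    """Blocklist on the text after the last dot; True means the upload is accepted."""
    return name.rsplit(".", 1)[-1] not in BLOCKED_EXT


def handler_matches(name: str) -> bool:
    """True if the handler pattern would treat this filename as PHP."""
    return HANDLER_RE.search(name) is not None


# Allowlist (constructed): fullmatch means nothing, including "\n",
# may follow the permitted extension.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,99}\.(?:png|jpg|gif|pdf)")


def strict_upload_check(name: str) -> bool:
    return SAFE_NAME.fullmatch(name) is not None


# Encoded CR/LF directly after a PHP-like extension in the request path.
SUSPICIOUS_URI = re.compile(r"\.ph[a-z0-9]*(?:%0a|%0d)", re.IGNORECASE)


def flag_requests(log_lines):
    """Return request paths from access-log lines that match SUSPICIOUS_URI."""
    hits = []
    for line in log_lines:
        m = re.search(r'"(?:GET|POST|HEAD) (\S+) HTTP', line)
        if m and SUSPICIOUS_URI.search(m.group(1)):
            hits.append(m.group(1))
    return hits


# Constructed sample log lines (documentation IP range).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php HTTP/1.1" 200 512',
    '203.0.113.5 - - [01/Jan/2024:10:00:05 +0000] "GET /evil.php%0a HTTP/1.1" 200 64',
    '203.0.113.9 - - [01/Jan/2024:10:00:09 +0000] "GET /img/a.png HTTP/1.1" 200 1024',
]
```

Upgrading past 2.4.29 removes the mismatch on the server side; the allowlist and the log check remain useful independently of the version.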

This post is licensed under CC BY 4.0 by the author.