Apache mod_proxy 2.4.48 SSRF
Impact: Medium
Description
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
Recommendation
Update the Apache HTTP server
References
👉 You might also like:
Apache 2.4.49 Path Traversal and RCE - CVE-2021-41773, CVE-2021-42013
Apache mod_jk Access Control Bypass - CVE-2018-11759
Apache Expect Header Cross Site Scripting - CVE-2006-3918
HTTP Protocol Stack Remote Code Execution Vulnerability (DOS) - CVE-2021-31166
Last updated on December 12, 2021