CNVD-2022-41638 — Vulnetix

CNVD-2022-41638 PUBLISHED

Apache HTTP Server是美国阿帕奇（Apache）基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。 Apache HTTP Server 2.4.52及更早版本存在输入验证错误漏洞，该漏洞源于如在32位系统上将LimitXMLRequestBody设置为允许大于350MB（默认为 1M）的请求正文，攻击者可利用该漏洞导致整数溢出的越界写入。

Affected Products

Vendor	Product	Versions
	Apache HTTP Server <=2.4.52

Exploit Intelligence

macos_v2_generated.go (github-poc)
macos_v1_generated.go (github-poc)

Timeline

Mar 16, 2022 CVE ID Reserved
May 28, 2022 CVE Published

References

https://nvd.nist.gov/vuln/detail/CVE-2022-22721 url

Open in Interactive Console →