A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
PoC: CVE-2021-40438
CVE-2021-40438 exploit PoC with Docker setup.
PoC: CVE-2021-40438
Apache forward request CVE
PoC: check-point-gateways-rce
Check Point Security Gateways RCE via CVE-2021-40438
PoC: Sigma-Rule-for-CVE-2021-40438-exploitation-attempt
Sigma-Rule-for-CVE-2021-40438-Attack-Attemp
PoC: check-point-gateways-rce
Check Point Security Gateways RCE via CVE-2021-40438
PoC: CVE-2021-40438
Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery
PoC: CVE-2021-40438-Apache-2.4.48-SSRF-exploit
CVE-2021-40438 Apache <= 2.4.48 SSRF exploit
PoC: CVE-2021-40438_Docker_2
Second one for web vulnerability (FYP Project, for own use only)
PoC: CVE-2021-40438_Docker
An Application Server Docker build for CVE-2021-40438
PoC: CVE-2021-40438
check CVE-2021-40438
PoC: apache-cve-poc
Dockerized Proof-of-Concept of CVE-2021-40438 in Apache 2.4.48.
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free