Apache – CVE-2022-26377

Description

Kayran has detected that the Version of Apache HTTP Server being used is vulnerable to Inconsistent Interpretation of HTTP Requests (‘HTTP Request Smuggling’).
Also known as CVE-2022-26377.

Abusing this vulnerability in mod_proxy_ajp of Apache HTTP Server allow attackers to smuggle requests to the AJP server it forwards requests to.

There’s a chance that this vulnerability will allow attackers to modify system files and information.

Recommendation

To fix CVE-2022-26377, upgrade the version of Apache HTTP Server being used to 2.4.54 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377

https://cwe.mitre.org/data/definitions/444.html

< Return to all Vulnerabilities

APT vs. ATP

In this article we will talk about APT vs. ATP. In other words, Advanced Persistent Threat and Advanced Threat Protection and the context between these

Read More »

What is a CWE ?

Similar to the article written on CVEs, in this article we will answer the questions :What is CWE ? and, what is the difference between

Read More »