Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache HTTP Server Improper Input Validation Vulnerability - CVE-2017-15715 - Vulnerability Database
Apache HTTP Server

Apache HTTP Server Improper Input Validation Vulnerability - CVE-2017-15715

High
Reference: CVE-2017-15715
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-15715
Title: Apache HTTP Server Improper Input Validation Vulnerability
Overview:

In Apache httpd 2.4.0 to 2.4.29 the expression specified in ltFilesMatchgt could match 3939 to a newline character in a malicious filename rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked but only by matching the trailing portion of the filename.