Conversation
AttackerKB
attackerkb
New assessment for topic: CVE-2024-38475
Topic description: "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that areĀ permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure ..."
"SonicWall [updated a 2024 advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018) to note that this third-party vulnerability is being exploited in the wild in their SMA100 devices ..."
Link: https://attackerkb.com/assessments/306036ec-fc18-46f2-91b8-d8c5391031c5
Topic description: "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that areĀ permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure ..."
"SonicWall [updated a 2024 advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018) to note that this third-party vulnerability is being exploited in the wild in their SMA100 devices ..."
Link: https://attackerkb.com/assessments/306036ec-fc18-46f2-91b8-d8c5391031c5
0
0
0