CVE-2007-5654
published 2007-10-23

Priority: P3 (41), medium
CVSS 2.0: 5 (vector AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploit: flagged
EPSS: 41.06% (98.5th percentile)
LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type for a file via a "%00." sequence followed by a new extension, as demonstrated by reading PHP source code via requests for .php%00.txt files, aka "Mime Type Injection."

Affected (1 range)

Vendor: litespeed_technologies
Product: litespeed_web_server
Version range: <= 3.2.3
Fixed in: not listed

Detection & IOCs (extracted from sources)

url: .php%00.txt
other: %00.
  • Detect null-byte injection in URI paths targeting LiteSpeed Web Server: look for '%00.' followed by an alternate extension (e.g., .txt, .html) in HTTP requests, which forces MIME type confusion and discloses source files such as PHP scripts.
  • Flag any HTTP request URI containing the literal string '%00' (URL-encoded null byte) as a potential MIME Type Injection attempt against LiteSpeed Web Server versions prior to 3.2.4.
  • The vulnerability is specific to LiteSpeed Web Server versions before 3.2.4; it is patched in 3.2.4 and later.
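The two detection rules above, implemented as an added example (not code from cbcvebase or LiteSpeed): a small Python scanner over constructed access-log lines that percent-decodes each request path (repeating so a double-encoded %2500 also collapses to a NUL), flags any decoded null byte, and reports the real extension hidden before it versus the extension presented after it. The log lines and IP addresses are constructed for illustration.

```python
import re
from typing import Dict, List, Optional
from urllib.parse import unquote

# Constructed sample access-log lines (common log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [23/Oct/2007:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 512
203.0.113.5 - - [23/Oct/2007:10:00:02 +0000] "GET /config.php%00.txt HTTP/1.1" 200 1840
203.0.113.7 - - [23/Oct/2007:10:00:03 +0000] "GET /admin/db.php%2500.html HTTP/1.1" 404 0
203.0.113.9 - - [23/Oct/2007:10:00:04 +0000] "GET /docs/readme%00 HTTP/1.1" 200 77
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Extension that precedes the NUL (what the server would serve) and the one shown after it.
NULL_EXT_RE = re.compile(r'(?P<real>\.[A-Za-z0-9]+)\x00(?P<shown>\.[A-Za-z0-9]*)')


def decode_target(target: str) -> str:
    """Percent-decode the path part, repeating so %2500 (double-encoded) also yields a NUL."""
    path = target.split("?", 1)[0]
    for _ in range(3):  # bounded: stop after a few rounds or when nothing changes
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def classify_request(target: str) -> Optional[Dict[str, object]]:
    """Return an alert dict if the decoded path contains a NUL byte, else None."""
    path = decode_target(target)
    if "\x00" not in path:
        return None
    m = NULL_EXT_RE.search(path)
    real = m.group("real") if m else None
    return {
        "target": target,
        "real_ext": real,
        "shown_ext": m.group("shown") if m else None,
        # A hidden .php is the source-disclosure case described by the CVE.
        "severity": "high" if real and real.lower() == ".php" else "medium",
    }


def scan_log(text: str) -> List[Dict[str, object]]:
    """Apply classify_request to every request line; returns one alert per hit."""
    alerts = []
    for line in text.splitlines():
        m = REQUEST_RE.search(line)
        if m:
            hit = classify_request(m.group("target"))
            if hit:
                alerts.append(hit)
    return alerts
```

Decoding before matching is what catches the %2500 variant, which a rule that only greps for the literal '%00' would miss.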