Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-0425

5 documents5 sources

Severity

10.0CRITICAL

EPSS

86.8%

top 0.57%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apache Http Server Broadcom Vmware ACE Management Server IBM Websphere Application Server +2 more

Timeline

PublishedMar 5

Latest updateMay 2

Description

modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages5 packages

▶NVDapache/http_server2.0.37 — 2.0.64+2

▶NVDibm/http_server35 versions+34

▶NVDoracle/http_server10.1.3.5.0

▶NVDibm/websphere_application_server6.1 — 6.1.0.31

▶NVDbroadcom/vmware_ace_management_server< 2.7.2

🔴Vulnerability Details

GHSA

GHSA-wv6c-mphw-ggxf: modules/arch/win32/mod_isapi↗2022-05-02

▶

CVEList

CVE-2010-0425: modules/arch/win32/mod_isapi↗2010-03-05

▶

💥Exploits & PoCs

Exploit-DB

Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM↗2010-03-07

▶

📋Vendor Advisories

Debian

CVE-2010-0425: apache2 - modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 thr...↗2010

▶