CVE-2012-4528
published 2012-12-28
CVE-2012-4528: The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application…
Priority P3 · 42 · medium · 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
EXPLOIT
EPSS 12.51% (95.7th percentile)
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | modsecurity-apache | < modsecurity-apache 2.6.6-5 (bookworm) | modsecurity-apache 2.6.6-5 (bookworm) |
| fedoraproject | fedora | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| trustwave | modsecurity | < 2.7.0 | 2.7.0 |
CVSS provenance
nvd · v2.0 · 5.0 · MEDIUM · AV:N/AC:L/Au:N/C:N/I:P/A:N
osv · 5.0 · MEDIUM
vendor_debian · 5.0 · MEDIUM
GHSA
GHSA-v835-w774-qhww: The mod_security2 module before 2
ghsa_unreviewed·2022-05-13
CVE-2012-4528 [MEDIUM] GHSA-v835-w774-qhww: The mod_security2 module before 2
OSV
CVE-2012-4528: The mod_security2 module before 2
osv·2012-12-28·CVSS 5.0
CVE-2012-4528 [MEDIUM] CVE-2012-4528: The mod_security2 module before 2
Debian
CVE-2012-4528: modsecurity-apache - The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote a...
vendor_debian·2012·CVSS 5.0
CVE-2012-4528 [MEDIUM] CVE-2012-4528: modsecurity-apache - The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote a...
Scope: local
bookworm: resolved (fixed in 2.6.6-5)
bullseye: resolved (fixed in 2.6.6-5)
forky: resolved (fixed in 2.6.6-5)
sid: resolved (fixed in 2.6.6-5)
trixie: resolved (fixed in 2.6.6-5)
No detection rules found.
References
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093011.html
http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.7.x/CHANGES
http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?sortby=date&r1=2081&r2=2080&pathrev=2081
http://mod-security.svn.sourceforge.net/viewvc/mod-security?view=revision&sortby=date&revision=2081
http://seclists.org/fulldisclosure/2012/Oct/113
http://www.openwall.com/lists/oss-security/2012/10/18/14
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20121017-0_mod_security_ruleset_bypass.txt
Published: 2012-12-28