⚠ Exploited in the wild

Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2023-25690

CWE-444 — HTTP Request Smuggling CWE-11323 documents11 sources

Severity

9.8CRITICAL

EPSS

68.2%

top 1.40%

CISA KEV

Not in KEV

Exploit

Exploited in wild

Active exploitation observed

Affected products

Apache Software Foundation Apache Http Server Apache Http Server

Timeline

PublishedMar 7

Latest updateOct 3

Description

Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like: RewriteEngine on RewriteRule "^/here/(.*)" "http://ex…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages5 packages

▶NVDapache/http_server2.4.0 — 2.4.55

▶CVEListV5apache_software_foundation/apache_http_server2.4.0 — 2.4.55

▶Alpineapache2< 2.4.56-r0+9

▶Debianapache2< 2.4.56-1~deb11u1+3

▶Ubuntuapache2< 2.4.29-1ubuntu4.27+3

🔴Vulnerability Details

OSV

apache2 vulnerability↗2023-03-22

▶

OSV

apache2 vulnerabilities↗2023-03-09

▶

GHSA

GHSA-wc6r-9c75-44gq: Some mod_proxy configurations on Apache HTTP Server versions 2↗2023-03-07

▶

OSV

CVE-2023-25690: Some mod_proxy configurations on Apache HTTP Server versions 2↗2023-03-07

▶

CVEList

Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy↗2023-03-07

▶

🔍Detection Rules

Suricata

ET WEB_SPECIFIC_APPS Apache 2.4.0 -> 2.4.55 HTTP Smuggling Attempt M7 (CVE-2023-25690)↗2024-10-03

▶

Suricata

ET WEB_SPECIFIC_APPS Apache 2.4.0 -> 2.4.55 HTTP Smuggling Attempt M5 (CVE-2023-25690)↗2024-10-03

▶

Suricata

ET WEB_SPECIFIC_APPS Apache 2.4.0 -> 2.4.55 HTTP Smuggling Attempt M6 (CVE-2023-25690)↗2024-10-03

▶

Suricata

ET WEB_SPECIFIC_APPS Apache 2.4.0 -> 2.4.55 HTTP Smuggling Attempt M3 (CVE-2023-25690)↗2024-10-03

▶

Suricata

ET WEB_SPECIFIC_APPS Apache 2.4.0 -> 2.4.55 HTTP Smuggling Attempt M1 (CVE-2023-25690)↗2024-10-03

▶

📋Vendor Advisories

Oracle

Oracle Oracle Hyperion Risk Matrix: Installation and Configuration (Apache HTTP Server) — CVE-2023-25690↗2023-10-15

▶

Oracle

Oracle Oracle Enterprise Manager Risk Matrix: Networking (Apache HTTP Server) — CVE-2023-25690↗2023-07-15

▶

Oracle

Oracle Oracle Communications Risk Matrix: FEServer (Apache HTTP Server) — CVE-2023-25690↗2023-04-15

▶

Ubuntu

Apache HTTP Server vulnerability↗2023-03-22

▶

Microsoft

Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy↗2023-03-14

▶