NOMISEC-soltanali0/CVE-2024-38475

NOMISEC SCANNER

Exploit for CVE-2024-38475 - Apache HTTP Server <2.4.59 - RCE

AI Analysis

The repository contains a Python script that scans for potential Apache mod_rewrite weaknesses by enumerating directories and files using wordlists and specific payloads. It checks for 403 responses for directories and 200 responses for files with crafted payloads, indicating potential source code disclosure vulnerabilities.

Attack Type

info_leak

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1119 - Automated Collection T1083 - File and Directory Discovery

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type infoleak

Files 2

https://github.com/soltanali0/CVE-2024-38475

Stars 3

Forks 2

Last Push Dec 12, 2024

Authors

soltanali0

Vulnerability

CVE-2024-38475

Apache HTTP Server <2.4.59 - RCE

CRITICAL KEV

CVSS 9.1