CVE-2007-0120

Acunetix Web Vulnerability Scanner < 4.0_build_2006-07-17 - Denial of Service via Invalid Content-Length HTTP Requests

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0120. PoCs published by nitr0us.

AI-analyzed exploit summary This Perl script exploits a Denial of Service (DoS) vulnerability in Acunetix Web Vulnerability Scanner 4.0 by sending malformed HTTP packets with an invalid 'Content-Length' field. The exploit triggers an exception in the HTTP Sniffer component, causing the application to crash upon repeated requests.

Description

Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and earlier allows remote attackers to cause a denial of service (application crash) via multiple HTTP requests containing invalid Content-Length values.

Exploits (1)

exploitdb WORKING POC VERIFIED
by nitr0us · perldoswindows
https://www.exploit-db.com/exploits/3078

This Perl script exploits a Denial of Service (DoS) vulnerability in Acunetix Web Vulnerability Scanner 4.0 by sending malformed HTTP packets with an invalid 'Content-Length' field. The exploit triggers an exception in the HTTP Sniffer component, causing the application to crash upon repeated requests.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Acunetix Web Vulnerability Scanner 4.0 <= Build 20060717
No auth needed
Prerequisites: Network access to the target system · Acunetix WVS HTTP Sniffer component running on port 8080 (or specified port)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3078
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31279
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37580
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21898

Scores

EPSS 0.0167
EPSS Percentile 73.8%

Details

Status published
Products (1)
acunetix/web_vulnerability_scanner < 4.0_build_2006-07-17
Published Jan 09, 2007
Tracked Since Feb 18, 2026