CVE-2007-1224

Grok Developments NetProxy 4.03 - CSRF

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1224. PoCs published by Craig Heffner.

AI-analyzed exploit summary This exploit bypasses URL filtering and logging in NetProxy 4.03 by omitting 'http://' in the request, allowing access to blocked content. It demonstrates the vulnerability by crafting a malformed GET request to a restricted site.

Description

Grok Developments NetProxy 4.03 allows remote attackers to bypass URL filtering via a request that omits "http://" from the URL and specifies the destination port (:80).

Exploits (1)

exploitdb WORKING POC VERIFIED
by Craig Heffner · perlremotewindows
https://www.exploit-db.com/exploits/3381

This exploit bypasses URL filtering and logging in NetProxy 4.03 by omitting 'http://' in the request, allowing access to blocked content. It demonstrates the vulnerability by crafting a malformed GET request to a restricted site.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: NetProxy 4.03
No auth needed
Prerequisites: Network access to the NetProxy server · Knowledge of the blocked URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3381
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36001
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32697
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0779
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22741

Scores

EPSS 0.0263
EPSS Percentile 83.5%

Details

Status published
Products (1)
grok_developments/netproxy 4.03
Published Mar 02, 2007
Tracked Since Feb 18, 2026