CVE-2014-2323

CRITICAL NUCLEI

lighttpd < 1.4.35 - SQL Injection via Host Name in mod_mysql_vhost


Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-2323, a PoC published by cirocosta. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository contains a proof-of-concept exploit for CVE-2014-2323, a SQL injection vulnerability in Lighttpd's mod_mysql_vhost module. The exploit demonstrates how improper input sanitization in the module's SQL query construction can lead to arbitrary SQL command execution.

Description

SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname. mod_mysql_vhost resolves a virtual host's document root by substituting the requested host name into the SQL query configured for the module; before 1.4.35 that value was substituted without escaping, and the host-name check in request_check_hostname let such a value through, so SQL syntax placed in the Host header reaches the MySQL server as query text. No authentication is needed, and because the query result is what lighttpd uses as the document root, the attacker also controls which directory is served.
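The lookup described above, as an added illustration that is not code from lighttpd or from the cirocosta PoC: a Python model of the document-root query over an in-memory SQLite table, which stands in for the C module and its MySQL backend. The sample rows are constructed, and the query template with a textual `?` placeholder follows the shape of lighttpd's mysql-vhost.sql setting. vulnerable_docroot splices the Host value straight into the query text; hardened_docroot is this example's own hardening (a strict host-name grammar plus a bound parameter), not a transcription of the 1.4.35 patch.

```python
import re
import sqlite3

# Constructed sample vhost table standing in for the MySQL table that a real
# mod_mysql_vhost deployment uses to map Host headers to document roots.
SAMPLE_ROWS = [
    ("www.example.com", "/srv/www/example.com"),
    ("intranet.example.com", "/srv/www/intranet"),
]

# Query template in the shape of lighttpd's mysql-vhost.sql setting: the "?"
# is replaced textually by the requested host name (it is NOT a bind marker).
SQL_TEMPLATE = "SELECT docroot FROM domains WHERE domain='?'"

# Strict DNS-style host name: labels of letters, digits and hyphens joined by
# dots. Quotes, spaces and comment markers never match, so they are rejected
# before any query is built. (Assumption of this example, not lighttpd's rule.)
HOSTNAME_RE = re.compile(
    r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def make_db():
    """In-memory SQLite database loaded with the constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE domains (domain TEXT, docroot TEXT)")
    db.executemany("INSERT INTO domains VALUES (?, ?)", SAMPLE_ROWS)
    return db


def vulnerable_docroot(db, host):
    """Model of the pre-1.4.35 lookup: the Host header value is spliced into
    the configured query with no escaping, so SQL syntax in it is executed."""
    query = SQL_TEMPLATE.replace("?", host)
    return [row[0] for row in db.execute(query).fetchall()]


def hardened_docroot(db, host, validate=True):
    """Lookup that (a) validates the host name against a strict grammar and
    (b) hands it to the database as a bound parameter, never as SQL text.
    An optional numeric ':port' suffix, as a Host header may carry, is
    stripped first; a non-numeric suffix is rejected."""
    name, _, port = host.partition(":")
    if port and not port.isdigit():
        return None
    if validate and (len(name) > 253 or not HOSTNAME_RE.match(name)):
        return None
    # Here "?" is SQLite's bind marker; the driver quotes the value itself.
    rows = db.execute("SELECT docroot FROM domains WHERE domain=?", (name,))
    return [row[0] for row in rows.fetchall()]


if __name__ == "__main__":
    db = make_db()
    # Legitimate request: both lookups return the mapped document root.
    print(vulnerable_docroot(db, "www.example.com"))
    # Tautology payload: every vhost row comes back from the vulnerable lookup.
    print(vulnerable_docroot(db, "x' OR '1'='1"))
    # UNION payload: the attacker picks the document root the server will use.
    print(vulnerable_docroot(db, "x' UNION SELECT '/etc"))
    # Hardened lookup rejects the payload outright; even with validation off,
    # the bound parameter is compared literally and matches nothing.
    print(hardened_docroot(db, "x' UNION SELECT '/etc"))
    print(hardened_docroot(db, "x' UNION SELECT '/etc", validate=False))
```

The UNION input is the one that matters for impact: the vulnerable lookup returns a document root the attacker chose, and lighttpd would serve that directory for the request. The hardened version keeps two independent layers on purpose: the grammar check stops hostile input at the request boundary, and the bound parameter means the query cannot be altered even if the check is later loosened. This model does not accept bracketed IPv6 literals; a deployment that needs them should extend the grammar rather than fall back to string concatenation.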

Exploits (1)

nomisec · WORKING POC · 8 stars
by cirocosta · poc
https://github.com/cirocosta/lighty-sqlinj-demo


Classification: Working PoC (90% confidence)
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: Lighttpd 1.4.34 with mod_mysql_vhost
Authentication: none needed
Prerequisites: Lighttpd 1.4.34 with mod_mysql_vhost enabled · MySQL server configured for virtual hosting
Analyzed by devstral-2 on Feb 16, 2026

Nuclei Templates (1)

Lighttpd 1.4.34 SQL Injection and Path Traversal
CRITICAL · by geeknik
Shodan: cpe:"cpe:2.3:a:lighttpd:lighttpd"

References (12)

Patch, Vendor Advisory (x_refsource_confirm): http://www.lighttpd.net/2014/3/12/1.4.35/
Exploit, Vendor Advisory (x_refsource_confirm): http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt
Third Party Advisory, vendor-advisory (x_refsource_debian): http://www.debian.org/security/2014/dsa-2877
Mailing List, Third Party Advisory, vendor-advisory (x_refsource_suse): http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html
Broken Link, third-party-advisory (x_refsource_secunia): http://secunia.com/advisories/57514
Mailing List, Third Party Advisory, vendor-advisory (x_refsource_hp): http://marc.info/?l=bugtraq&m=141576815022399&w=2
Mailing List, Third Party Advisory, vendor-advisory (x_refsource_suse): http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html
Mailing List, Third Party Advisory, vendor-advisory (x_refsource_suse): http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html
Broken Link, third-party-advisory (x_refsource_secunia): http://secunia.com/advisories/57404
Mailing List, Third Party Advisory, mailing-list (x_refsource_mlist): http://seclists.org/oss-sec/2014/q1/564
Exploit, Mailing List, Third Party Advisory, mailing-list (x_refsource_mlist): http://seclists.org/oss-sec/2014/q1/561
Third Party Advisory, third-party-advisory (x_refsource_jvn): http://jvn.jp/en/jp/JVN37417423/index.html

Scores

CVSS v3 9.8
EPSS 0.9104
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (9)
debian/debian_linux 6.0
debian/debian_linux 7.0
debian/debian_linux 8.0
lighttpd/lighttpd < 1.4.35
opensuse/opensuse 11.4
opensuse/opensuse 12.3
opensuse/opensuse 13.1
suse/linux_enterprise_high_availability_extension 11 sp3
suse/linux_enterprise_software_development_kit 11 sp3
Published Mar 14, 2014
Tracked Since Feb 18, 2026