CVE-2014-2324

lighttpd < 1.4.35 - Path Traversal via Host Name

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-2324. PoCs published by sp4c30x1.

AI-analyzed exploit summary This is a Python-based exploit for CVE-2014-2324, targeting a directory traversal vulnerability in lighttpd before 1.4.35. It allows remote attackers to read arbitrary files via a .. (dot dot) in the host name.

Description

Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.

Exploits (1)

nomisec WORKING POC 4 stars

by sp4c30x1 · poc

https://github.com/sp4c30x1/uc_httpd_exploit

View Code ZIP pw:eip

This is a Python-based exploit for CVE-2014-2324, targeting a directory traversal vulnerability in lighttpd before 1.4.35. It allows remote attackers to read arbitrary files via a .. (dot dot) in the host name.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: lighttpd before 1.4.35

No auth needed

Prerequisites: Network access to the target lighttpd server

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13

Core References

Patch, Vendor Advisory x_refsource_confirm

http://www.lighttpd.net/2014/3/12/1.4.35/

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/66157

Exploit, Vendor Advisory x_refsource_confirm

http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2014/dsa-2877

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html

Not Applicable third-party-advisory x_refsource_secunia

http://secunia.com/advisories/57514

Mailing List, Third Party Advisory vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=141576815022399&w=2

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html

Not Applicable third-party-advisory x_refsource_secunia

http://secunia.com/advisories/57404

Mailing List, Third Party Advisory mailing-list x_refsource_mlist

http://seclists.org/oss-sec/2014/q1/564

Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_mlist

http://seclists.org/oss-sec/2014/q1/561

Third Party Advisory third-party-advisory x_refsource_jvn

http://jvn.jp/en/jp/JVN37417423/index.html

Scores

EPSS 0.7167

EPSS Percentile 98.8%

Details

CWE

CWE-22

Status published

Products (10)

contec/sv-cpt-mc310_firmware < 6.5

debian/debian_linux 6.0

debian/debian_linux 7.0

debian/debian_linux 8.0

lighttpd/lighttpd < 1.4.35

opensuse/opensuse 11.4

opensuse/opensuse 12.3

opensuse/opensuse 13.1

suse/linux_enterprise_high_availability_extension 11 sp3

suse/linux_enterprise_software_development_kit 11 sp3

Published Mar 14, 2014

Tracked Since Feb 18, 2026