CVE-2014-5329

HIGH

GIGAPOD OfficeHard <3.04.03, GIGAPOD 2010/3 <3.01.02 - DoS via Apache HTTP Request Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-5329. PoCs published by Ramon de C Valle, kingcope.

AI-analyzed exploit summary This exploit targets CVE-2014-5329, a denial-of-service vulnerability in Apache HTTP Server. It sends malformed HTTP requests with overlapping byte ranges to crash the server by exploiting a bug in the handling of Range headers.

Description

GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition.

Exploits (2)

exploitdb WORKING POC
by Ramon de C Valle · cdoslinux
https://www.exploit-db.com/exploits/18221

This exploit targets CVE-2014-5329, a denial-of-service vulnerability in Apache HTTP Server. It sends malformed HTTP requests with overlapping byte ranges to crash the server by exploiting a bug in the handling of Range headers.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Apache HTTP Server 2.2.x
No auth needed
Prerequisites: Network access to the target Apache server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by kingcope · perldosmultiple
https://www.exploit-db.com/exploits/17696

This exploit targets a memory exhaustion vulnerability in Apache httpd by sending malformed HTTP Range headers. It uses multiple forks to amplify the attack, leading to remote denial of service (DoS) by exhausting system resources.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Apache httpd (versions affected by CVE-2014-5329)
No auth needed
Prerequisites: Network access to the target Apache server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Third Party Advisory
https://jvn.jp/en/jp/JVN23809730/

Scores

CVSS v3 7.5
EPSS 0.0310
EPSS Percentile 87.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (3)
tripodworks/gigapod_2010_firmware < 3.01.02
tripodworks/gigapod_3_firmware < 3.01.02
tripodworks/gigapod_officehard_firmware < 3.04.03
Published Sep 08, 2023
Tracked Since Feb 18, 2026