CVE-2018-8004

MEDIUM LAB

Apache Traffic Server <6.2.2, <7.1.3 - SSRF

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-8004. PoCs published by mosesrenegade.

AI-analyzed exploit summary The repository contains only a Docker Compose file without any exploit code or technical details. It sets up a lab environment with HAProxy, Apache Traffic Server (ATS), and Nginx but lacks functional exploit code or analysis.

Description

There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions.

Exploits (1)

nomisec STUB 1 stars

by mosesrenegade · poc

https://github.com/mosesrenegade/CVE-2018-8004

View Code ZIP pw:eip

The repository contains only a Docker Compose file without any exploit code or technical details. It sets up a lab environment with HAProxy, Apache Traffic Server (ATS), and Nginx but lacks functional exploit code or analysis.

Classification

Stub 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Apache Traffic Server (ATS) versions affected by CVE-2018-8004

No auth needed

Prerequisites: Docker environment · Docker Compose

devstral-2 · analyzed Feb 16, 2026 Full analysis →