CVE-2019-10098

MEDIUM EXPLOITED NUCLEI

Apache HTTP Server 2.4.0-2.4.39 - Open Redirect via Encoded Newlines in mod_rewrite

Exploitation Summary

CVE-2019-10098 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Sebastian Neef. A Nuclei detection template is also available.

AI-analyzed exploit summary: This exploit demonstrates a URL redirection vulnerability (CVE-2019-10098) where newline characters (%0a) in the URL path can bypass intended redirection logic, allowing an attacker to redirect users to arbitrary domains. The provided curl command shows the vulnerability in action, with the server responding with a 302 redirect to an unintended domain.

Description

In Apache HTTP Server 2.4.0 to 2.4.39, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.

Exploits (1)

exploitdb WORKING POC
by Sebastian Neef · webapps · multiple
https://www.exploit-db.com/exploits/47689

Classification: Working PoC 90%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Unknown (likely a web server or proxy handling redirects)
No auth needed
Prerequisites: Access to a vulnerable web server or proxy handling redirects
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect
MEDIUM by ctflearner
Shodan: cpe:"cpe:2.3:a:apache:http_server" || apache 2.4.49

References (17)

Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2020/04/01/4

Scores

CVSS v3: 6.1
EPSS: 0.7398
EPSS Percentile: 99.4%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

VulnCheck KEV: 2022-02-22
CWE: CWE-601
Status: published
Products (1): apache/http_server 2.4.0 - 2.4.39
Published: Sep 25, 2019
Tracked Since: Feb 18, 2026