CVE-2022-26377

HIGH

Apache HTTP Server 2.4.0-2.4.53 - HTTP Request Smuggling via mod_proxy_ajp

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-26377. PoCs published by watchtowrlabs.

AI-analyzed exploit summary: This PoC exploits CVE-2022-26377, an AJP smuggling vulnerability in IBM QRadar, by poisoning the HTTP response queue with a stored redirect. It sends a crafted payload to the target server and checks for vulnerability by verifying the presence of a specific header in the response.

Description

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4 version 2.4.53 and prior versions.

Exploits (1)

nomisec · WORKING POC · 5 stars
by watchtowrlabs · poc
https://github.com/watchtowrlabs/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc

Classification: Working PoC (95%)
Attack Type: Other
Complexity: Moderate
Reliability: Reliable
Target: IBM QRadar
Authentication: No auth needed
Prerequisites: Network access to the target IBM QRadar instance
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Mailing List, Third Party Advisory (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2022/06/08/2
Third Party Advisory (vendor-advisory, x_refsource_gentoo): https://security.gentoo.org/glsa/202208-20
Third Party Advisory (x_refsource_confirm): https://security.netapp.com/advisory/ntap-20220624-0005/

Scores

CVSS v3: 7.5
EPSS: 0.1889
EPSS Percentile: 96.9%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE: CWE-444
Status: published
Products (4):
apache/http_server 2.4.0 - 2.4.54
fedoraproject/fedora 35
fedoraproject/fedora 36
netapp/clustered_data_ontap
Published: Jun 09, 2022
Tracked Since: Feb 18, 2026