CVE-2024-27316
HIGH · LAB

Apache HTTP Server 2.4.17-2.4.58 - Denial of Service via HTTP/2 Header Buffering

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-27316. PoCs published by lockness-Ko, aeyesec.

AI-analyzed exploit summary: This Go-based PoC exploits CVE-2024-27316, a DoS vulnerability in HTTP/2 servers, by sending maliciously crafted HEADERS and CONTINUATION frames with excessively large headers. It supports both HTTP and HTTPS targets and spawns multiple threads to amplify the attack.

Description

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.

Exploits (2)

nomisec · WORKING POC · 15 stars
by lockness-Ko · poc
https://github.com/lockness-Ko/CVE-2024-27316

This Go-based PoC exploits CVE-2024-27316, a DoS vulnerability in HTTP/2 servers, by sending maliciously crafted HEADERS and CONTINUATION frames with excessively large headers. It supports both HTTP and HTTPS targets and spawns multiple threads to amplify the attack.

Classification: Working PoC (95%)
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: HTTP/2 servers (unencrypted or TLS)
Authentication: none needed
Prerequisites: Network access to target HTTP/2 server · Go environment to compile the PoC
Analyzed by devstral-2 on Feb 16, 2026

nomisec · WORKING POC · 2 stars
by aeyesec · poc
https://github.com/aeyesec/CVE-2024-27316_poc

This PoC demonstrates a DoS attack against Apache httpd via an HTTP/2 CONTINUATION flood (CVE-2024-27316). It establishes an HTTP/2 connection and sends a large number of CONTINUATION frames to exhaust server resources.

Classification: Working PoC (95%)
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: Apache httpd 2.4.58
Authentication: none needed
Prerequisites: HTTP/2 support on target server · Network connectivity to target
Analyzed by devstral-2 on Feb 16, 2026

Scores

CVSS v3: 7.5
EPSS: 0.9133
EPSS Percentile: 99.8%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC (Vulnrichment)

Exploitation: none
Automatable: yes
Technical Impact: partial

Lab Environment

Community Lab

docker pull httpd:2.4.58
docker pull httpd:2.4.59

Details

CWE: CWE-770
Status: published
Products (5):
apache/http_server 2.4.17 - 2.4.59
fedoraproject/fedora 38
fedoraproject/fedora 39
fedoraproject/fedora 40
netapp/ontap 9
Published: Apr 04, 2024
Tracked Since: Feb 18, 2026