CVE-2024-38476

CRITICAL

Apache HTTP Server <2.4.60 - Info Disclosure/SSRF

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-38476. PoCs published by mrmtwoj, abanop22333.

AI-analyzed exploit summary: The repository contains a Python script that scans for multiple Apache HTTP Server vulnerabilities by sending crafted HTTP requests to detect potential misconfigurations or weaknesses. It does not include exploit code for achieving RCE or other offensive actions, only detection logic.

Description

The core of Apache HTTP Server 2.4.59 and earlier is vulnerable to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue.

Exploits (2)

github SCANNER 123 stars
by mrmtwoj · pythonpoc
https://github.com/mrmtwoj/apache-vulnerability-testing

The repository contains a Python script that scans for multiple Apache HTTP Server vulnerabilities by sending crafted HTTP requests to detect potential misconfigurations or weaknesses. It does not include exploit code for achieving RCE or other offensive actions, only detection logic.

Classification: Scanner 90%
Attack Type: Other
Complexity: Trivial
Reliability: Theoretical
Target: Apache HTTP Server (various versions)
No auth needed
Prerequisites: Python 3.x · requests library · network access to target
devstral-2 · analyzed Feb 19, 2026

nomisec WRITEUP
by abanop22333 · poc
https://github.com/abanop22333/Apache-Authentication-Flaw-Research-CVE-2024-38476-

This repository provides a detailed technical analysis of CVE-2024-38476, focusing on the semantic ambiguity vulnerability in Apache HTTP Server. It covers root causes, impact vectors, detection methods, and mitigation strategies without including functional exploit code.

Classification: Writeup 95%
Attack Type: SSRF | Info Leak | Auth Bypass
Complexity: Moderate
Reliability: Theoretical
Target: Apache HTTP Server (versions ≤ 2.4.59)
No auth needed
Prerequisites: Apache HTTP Server version ≤ 2.4.59 · Access to crafted backend response headers
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3: 9.8
EPSS: 0.4161
EPSS Percentile: 98.5%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: total

Details

CWE: CWE-829
Status: published
Products (2):
apache/http_server 2.4.0 - 2.4.60
netapp/clustered_data_ontap 9.0
Published: Jul 01, 2024
Tracked Since: Feb 18, 2026