CVE-2024-43394

HIGH

Apache HTTP Server 2.4.0-2.4.63 - Server-Side Request Forgery via mod_rewrite or Apache Expressions

Title source: llm

Description

Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via mod_rewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. The server offers limited protection against administrators directing the server to open UNC paths. Windows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication.

References (4)

Core 4

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/08/msg00009.html

Mailing List

http://www.openwall.com/lists/oss-security/2025/07/10/2

Mailing List

http://www.openwall.com/lists/oss-security/2025/07/10/5

Vendor Advisory vendor-advisory

https://httpd.apache.org/security/vulnerabilities_24.html

Scores

CVSS v3 7.5

EPSS 0.0024

EPSS Percentile 47.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-918

Status published

Products (1)

apache/http_server 2.4.0 - 2.4.64

Published Jul 10, 2025

Tracked Since Feb 18, 2026