Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-103879. PoCs published by Tim Kennedy.
AI-analyzed exploit summary This exploit demonstrates a vulnerability in CacheFlow CacheOS where the HOST header in an HTTP request can be misused to tunnel arbitrary TCP connections, effectively turning an internal mail server into an open relay for sending unsolicited emails. The proof-of-concept shows how an attacker can craft an HTTP request with a malicious HOST header to bypass intended restrictions.
Description
Cacheflow CacheOS 4.1.10016 - HTTP HOST Proxy
Exploits (1)
This exploit demonstrates a vulnerability in CacheFlow CacheOS where the HOST header in an HTTP request can be misused to tunnel arbitrary TCP connections, effectively turning an internal mail server into an open relay for sending unsolicited emails. The proof-of-concept shows how an attacker can craft an HTTP request with a malicious HOST header to bypass intended restrictions.