ID:12727 - Exploit for Information Exposure Through Timing Discrepancy in Apache HTTP Server - CVE-2026-33006

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:12727 - Exploit for Information Exposure Through Timing Discrepancy in Apache HTTP Server - CVE-2026-33006

ID:12727 - Exploit for Information Exposure Through Timing Discrepancy in Apache HTTP Server - CVE-2026-33006

Published: May 22, 2026


Vulnerability identifier: #VU129545
Vulnerability risk: High
CVE-ID: CVE-2026-33006
CWE-ID: CWE-208
Exploitation vector: Remote access
Vulnerable software:
Apache HTTP Server

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to bypass Digest authentication.

The vulnerability exists due to a timing side-channel in mod_auth_digest when processing Digest authentication. A remote attacker can perform a timing attack to bypass Digest authentication.


Remediation

Install security update from vendor's website.