Main Vulnerability Database Exploits ID:4320 - Exploit for Permissions, Privileges, and Access Controls in ModSecurity - CVE-2012-4528

ID:4320 - Exploit for Permissions, Privileges, and Access Controls in ModSecurity - CVE-2012-4528

Published: August 11, 2020

Vulnerability identifier: #VU43224

Vulnerability risk: Medium

CVE-ID: CVE-2012-4528

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
ModSecurity

Link to public exploit:

https://www.exploit-db.com/exploits/37949/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.

Remediation

Install update from vendor's website.

ID:4320 - Exploit for Permissions, Privileges, and Access Controls in ModSecurity - CVE-2012-4528

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human