Main
Vulnerability Database
Exploits
ID:6912 - Exploit for Input validation error in Squid - CVE-2021-31806
ID:6912 - Exploit for Input validation error in Squid - CVE-2021-31806
Published: October 21, 2021
Vulnerability identifier: #VU53020
Vulnerability risk: Medium
CVE-ID: CVE-2021-31806
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
Squid
Squid
Link to public exploit:
Vulnerability description
The vulnerability allows a remote client to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when performing HTTP Range requests. A remote proxy client can send specially crafted HTTP request via the proxy server and perform a denial of service (DoS) attack.
Remediation
Install updates from vendor's website.