PT-2023-2026 · Apache · Apache Http Server

Lars Krapf · Published 2022-11-08 · Updated 2026-03-10 · CVE-2023-25690

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.0 through 2.4.55

Description: The issue enables HTTP Request Smuggling attacks, which can occur when mod_proxy is enabled together with certain RewriteRule or ProxyPassMatch configurations. Such configurations can allow an attacker to bypass access controls in the proxy server, proxy unintended URLs to existing origin servers, and perform cache poisoning. The vulnerability is triggered when a non-specific pattern matches some portion of the user-supplied request-target (URL) and that portion is then re-inserted into the proxied request-target using variable substitution. For example, a configuration like the following can be vulnerable:

    RewriteEngine on
    RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1" [P]
    ProxyPassReverse /here/ http://example.com:8080/

Approximately 33,652,790 results are affected.

Recommendations: Update to at least version 2.4.56 of Apache HTTP Server to resolve the issue. As a temporary workaround, consider disabling the mod_proxy module or restricting the use of RewriteRule and ProxyPassMatch configurations until the fixed version can be deployed. Avoid vulnerable configurations, such as those that substitute user-supplied request-target data into the proxied request-target.
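An added configuration audit helper, not part of this advisory or of Apache's own tooling, that scans an httpd configuration for the shape described above: a RewriteRule with the proxy flag, or a ProxyPassMatch, whose target substitutes a capture group ($1, $2, ...) taken from the request-target. The sample configuration is constructed; matches are candidates for review, not confirmed vulnerabilities.

```python
import re
import shlex

# Constructed sample httpd.conf fragment (not taken from any real deployment).
SAMPLE_CONF = """\
RewriteEngine on
# capture from the request-target re-inserted into the proxied target: risky
RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1" [P]
ProxyPassReverse /here/ http://example.com:8080/
# local rewrite, no proxying: not flagged
RewriteRule "^/static/(.*)" "/var/www/static/$1" [L]
# ProxyPassMatch with a backreference in the target: risky
ProxyPassMatch "^/api/(.*)$" "http://backend:9000/v1/$1"
# plain ProxyPass, no regex substitution: not flagged
ProxyPass /app/ http://backend:9000/app/
"""

BACKREF = re.compile(r"\$\d")  # $1..$9 substitutions from the matched request-target


def _has_proxy_flag(flags: str) -> bool:
    """True if a RewriteRule flag list such as [P], [P,L] or [proxy] proxies the result."""
    for flag in flags.strip("[]").split(","):
        if flag.split("=", 1)[0].strip().lower() in ("p", "proxy"):
            return True
    return False


def find_risky_proxy_rules(conf_text: str) -> list:
    """Return (line number, directive, target) for each directive that proxies a
    request-target built by substituting user-controlled capture groups."""
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), start=1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        tokens = shlex.split(line)  # approximates Apache's quoted-argument parsing
        directive = tokens[0].lower()
        if directive == "rewriterule" and len(tokens) >= 4:
            target, flags = tokens[2], tokens[3]
            if _has_proxy_flag(flags) and BACKREF.search(target):
                findings.append((lineno, tokens[0], target))
        elif directive == "proxypassmatch" and len(tokens) >= 3:
            target = tokens[2]
            if BACKREF.search(target):
                findings.append((lineno, tokens[0], target))
    return findings


if __name__ == "__main__":
    for lineno, directive, target in find_risky_proxy_rules(SAMPLE_CONF):
        print(f"line {lineno}: {directive} substitutes a capture into proxied target {target!r}")
```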

Weakness Enumeration: HTTP Request/Response Smuggling
Related Identifiers

ALSA-2022_7647
ALSA-2022_8067
ALSA-2023:1670
ALSA-2023:1673
ALSA-2023_0852
ALSA-2023_0970
ALSA-2023_1670
ALSA-2023_1673
ALSA-2023_5050
ALSA-2023_6403
ALSA-2025_16880
ALT-PU-2023-1402
ALT-PU-2023-1437
ALT-PU-2023-1452
ALT-PU-2023-2055
AZL-25605
AZL-43903
AZL-45186
BDU:2023-01738
BIT-APACHE-2023-25690
CESA-2023_1673
CVE-2023-25690
DLA-3401-1
DSA-5376-1
ELSA-2023-1593
ELSA-2023-1670
ELSA-2023-1673
MGASA-2023-0100
OESA-2023-1161
OPENSUSE-SU-2024:12776-1
RHSA-2023:1547
RHSA-2023:1593
RHSA-2023:1596
RHSA-2023:1597
RHSA-2023:1670
RHSA-2023:1672
RHSA-2023:1673
RHSA-2023:1916
RHSA-2023:3292
RHSA-2023:3354
RHSA-2023_1593
RHSA-2023_1670
RHSA-2023_1673
RLSA-2023:1670
RLSA-2023:1673
RLSA-2023_1670
RLSA-2023_1673
ROSA-SA-2023-2158
SUSE-SU-2023:0764-1
SUSE-SU-2023:0799-1
SUSE-SU-2023:0803-1
SUSE-SU-2023:1573-1
SUSE-SU-2023:1658-1
SUSE-SU-2023_0764-1
SUSE-SU-2023_0799-1
SUSE-SU-2023_0803-1
SUSE-SU-2023_1573-1
SUSE-SU-2023_1658-1
USN-5942-1
USN-5942-2

Affected Products

Alt Linux
Almalinux
Apache Http Server
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu