CVE STALKER

CVE-2023-25690

DESCRIPTION
Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like:

    RewriteEngine on
    RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1" [P]
    ProxyPassReverse /here/ http://example.com:8080/

Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.
HEAT SCORE 461

TWEETS

DATE | TWEETS | USER
2023-05-30 02:40:12 | ✨ Top 3 CVE last 12h 1️⃣CVE-2023-25690 : @HunterMapping https://t.co/UE3TyNpjbL 2️⃣CVE-2023-2825 : @HunterMapping… https://t.co/MlvQUSfnvp https://twitter.com/twitter/statuses/1660842611089760259 https://twitter.com/i/web/status/1663373148287320067 | top3cve
2023-05-29 14:40:26 | ✨ Top 3 CVE last 12h 1️⃣CVE-2023-25690 : @HunterMapping https://t.co/UE3TyNpjbL 2️⃣CVE-2023-2825 : @vngsecresponse… https://t.co/c7elbR5qLM https://twitter.com/twitter/statuses/1660842611089760259 https://twitter.com/i/web/status/1663191953985486851 | top3cve
2023-05-26 15:04:25 | ✨ Top 3 CVE last 12h 1️⃣CVE-2023-28771 : @JosephWilson202 https://t.co/bDvmFbtkMA 2️⃣CVE-2023-25690 :… https://t.co/zPY9UgYYlA https://twitter.com/twitter/statuses/1660642617414103046 https://twitter.com/i/web/status/1662104791177207808 | top3cve
2023-05-26 13:29:12 | 🪶#Apache Foundation addressed CVE-2023-25690 (CVSS score 9.8) in Apache #HTTPServer 2.4.56. The fix prevents contro… https://t.co/3kzILakc6Q https://twitter.com/i/web/status/1662081457332822020 | socradar
2023-05-25 14:10:27 | Time to patch for #CVE-2023-25690! Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.5… https://t.co/meKkRBLMwJ https://twitter.com/i/web/status/1661734566871334917 | huzeyfeonal
2023-05-25 04:30:31 | #CVE-2023-25690: Request Smuggling attack on Apache HTTP Server 9.8 rating🚩 (1/2) FOFA Free query: app="APACHE-HT… https://t.co/UL9lYXaQ7B https://twitter.com/i/web/status/1661588927155957761 | rossasamtika
2023-05-25 04:30:14 | #CVE-2023-25690: Request Smuggling attack on Apache HTTP Server 9.8 rating🚩 (1/2) FOFA Free query: app="APACHE-HT… https://t.co/puJ1BUHZXB https://twitter.com/i/web/status/1661589025059381250 | williamsassist
2023-05-24 18:50:13 | Analysis of the exploitation of the CVE-2023-25690 vulnerability https://t.co/rUZkeLbT3m #الامن_السيبراني #cybersecurity https://attackerkb.com/topics/0Uka1VHsPO/cve-2023-25690 | MAlajab
2023-05-24 16:21:08 | Posted a technical analysis of CVE-2023-25690 (HTTP request smuggling in Apache mod_rewrite). TL;DR: I don't think… https://t.co/I3zSid6qfZ https://twitter.com/i/web/status/1661405963939876865 | iagox86
2023-05-24 14:47:17 | ✨ Top 3 CVE last 12h 1️⃣CVE-2023-25690 : @HunterMapping https://t.co/UE3TyNpjbL 2️⃣CVE-2023-28771 :… https://t.co/CN5CjMI8AX https://twitter.com/twitter/statuses/1660842611089760259 https://twitter.com/i/web/status/1661380018277081090 | top3cve
2023-05-24 03:32:40 | CVE-2023-25690: Apache HTTP Server versions 2.4.0 through 2.4.55. (2/2) FOFA Query use Fuzzy search: (server*="?p… https://t.co/VWEr1gx8Cq https://twitter.com/i/web/status/1661210683592286209 | fofabot
2023-05-24 03:20:22 | #CVE-2023-25690: Request Smuggling attack on Apache HTTP Server 9.8 rating🚩 (1/2) FOFA Free query: app="APACHE-HT… https://t.co/tAaL8vPfvR https://twitter.com/i/web/status/1661209776033009664 | fofabot
2023-05-24 02:40:31 | ✨ Top 3 CVE last 12h 1️⃣CVE-2023-28771 : @JosephWilson202 https://t.co/bDvmFbtkMA 2️⃣CVE-2023-25690 :… https://t.co/3PWvXGuZAR https://twitter.com/twitter/statuses/1660642617414103046 https://twitter.com/i/web/status/1661198821601280001 | top3cve
2023-05-23 09:12:33 | Apache HTTP Server Request Splitting (CVE-2023-25690) Flaw Gets Public PoC Exploit https://t.co/GHJTuEagF7 https://securityonline.info/apache-http-server-request-splitting-cve-2023-25690-flaw-gets-public-poc-exploit/ | PentestingN
2023-05-23 07:50:21 | I don't know, I personally think CVE-2023-25690 is the more interesting. | shehackedyou
2023-05-23 06:10:12 | Apache HTTP Server request smuggling vulnerability (CVE-2023-25690) https://t.co/6EnWioSMgj http://dlvr.it/SpShxh | amirdaly0x00
2023-05-23 05:10:12 | #exploit 1. CVE-2023-25690: Mod_proxy vulnerable configuration on Apache HTTP Server 2.4.0 - 2.4.55 leads to HTTP R… https://t.co/cUnV7EOV3C https://twitter.com/i/web/status/1660875478184468480 | ksg93rd
2023-05-23 03:00:32 | 🕹️ CVE-2023-25690: Request Smuggling attack on Apache HTTP Server 9.8 rating 🔥 HUNTER Search Drok :… https://t.co/WeEEYopZhD https://twitter.com/i/web/status/1660842611089760259 | HunterMapping
2023-05-23 01:22:01 | CVE-2023-25690: Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Requ… https://t.co/Kc59LbpFFu https://twitter.com/i/web/status/1660815765564698624 | cyber_advising
2023-05-22 21:00:50 | #Vulnerability #CVE202325690 Apache HTTP Server Request Splitting (CVE-2023-25690) Flaw Gets Public PoC Exploit https://t.co/HeexHxHYN2 https://securityonline.info/apache-http-server-request-splitting-cve-2023-25690-flaw-gets-public-poc-exploit/?utm_source=dlvr.it&utm_medium=twitter | Komodosec
2023-05-22 18:30:56 | A new PoC has been released for CVE-2023-25690 a critical vulnerability that affects Apache HTTP Server from 2.4.0… https://t.co/hDvt7B2iVf https://twitter.com/i/web/status/1660709994369540096 | sweetblue101
2023-05-22 17:16:28 | Apache HTTP Server Request Splitting (CVE-2023-25690) Flaw Gets Public PoC Exploit https://t.co/HLQ634Wfgj… https://t.co/3Vk4P0arD6 https://securityonline.info/apache-http-server-request-splitting-cve-2023-25690-flaw-gets-public-poc-exploit/ https://twitter.com/i/web/status/1660692591317270541 | the_yellow_fall
2023-05-22 14:12:04 | CVE-2023-25690 proof of concept - request smuggling vulnerability on Apache HTTP Server versions 2.4.0 - 2.4.55 https://t.co/th2clOMqEb https://t.co/co40X6ZVit https://ift.tt/dcli9GX https://ift.tt/Dsf5Hby | buaqbot
2023-05-22 09:27:45 | CVE-2023-25690 Exploit Code Released https://t.co/ozU0gaspAZ https://bug.cyberkendra.com/2023/05/22/cve-2023-25690-exploit-code-released/ | cyberkendra
2023-05-22 08:40:32 | CVE-2023-25690: Request Smuggling attack on Apache HTTP Server, 9.8 rating 🔥 An old vulnerability with new POC. S… https://t.co/vGy1TcgGUc https://twitter.com/i/web/status/1660564105781030912 | Netlas_io
2023-05-22 06:01:43 | GitHub - dhmosfunk/CVE-2023-25690-POC: CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apac… https://t.co/r0q6QRwZLT https://twitter.com/i/web/status/1660525177028100096 | piedpiper1616
2023-05-09 20:10:07 | New post from https://t.co/uXvPWJy6tj (K000133098 : Apache vulnerability CVE-2023-25690) has been published on https://t.co/1nqaJKOt8q http://www.sesin.at https://www.sesin.at/2023/05/09/k000133098/ | WolfgangSesin
2023-05-09 20:09:56 | New post from https://t.co/9KYxtdZjkl (K000133098 : Apache vulnerability CVE-2023-25690) has been published on https://t.co/azecWf2hj6 http://www.sesin.at https://www.sesin.at/2023/05/09/k000133098/ | www_sesin_at
2023-05-09 17:42:05 | New post from https://t.co/uXvPWJy6tj (CVE-2023-25690 | Oracle Communications Session Report Manager 9.0.0/9.0.1 FE… https://t.co/cNU93c77KP http://www.sesin.at https://twitter.com/i/web/status/1655988616441495565 | WolfgangSesin
2023-05-09 17:41:52 | New post from https://t.co/9KYxtdZjkl (CVE-2023-25690 | Oracle Communications Session Report Manager 9.0.0/9.0.1 FE… https://t.co/3WCOUuMRQP http://www.sesin.at https://twitter.com/i/web/status/1655988618870026240 | www_sesin_at
2023-05-09 16:27:35 | New post from https://t.co/uXvPWJy6tj (CVE-2023-25690 | Oracle Communications Element Manager 9.0.0/9.0.1 FEServer… https://t.co/EPhaGdn2kG http://www.sesin.at https://twitter.com/i/web/status/1655965984161660931 | WolfgangSesin
2023-05-09 16:27:00 | New post from https://t.co/9KYxtdZjkl (CVE-2023-25690 | Oracle Communications Element Manager 9.0.0/9.0.1 FEServer… https://t.co/VGHGLT4T7J http://www.sesin.at https://twitter.com/i/web/status/1655965986481217538 | www_sesin_at
2023-04-25 12:35:45 | 🚨 NEW: CVE-2023-25690 🚨 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a H… https://t.co/1wzhDTrweU https://twitter.com/i/web/status/1650838818029699078 | threatintelctr
2023-04-25 00:31:59 | 🚨 NEW: CVE-2023-25690 🚨 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a H… https://t.co/FeVAnPOELo https://twitter.com/i/web/status/1650657617356701700 | threatintelctr
2023-04-11 05:00:26 | 🚨 Security update for #RHEL9 users: Vulnerability found in httpd & mod_http2 (CVE-2023-25690). Apply the update now… https://t.co/qsHo1EWe8F https://twitter.com/i/web/status/1645652897688944640 | mstfknn
2023-04-07 17:20:21 | "HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)" // CVE-2023-25690- Red Hat Customer Portal https://t.co/btjPJgdWAH https://access.redhat.com/security/cve/cve-2023-25690 | w4yh
2023-04-03 10:56:32 | CBL Mariner 2.0 #Security #Update: httpd (CVE-2023-25690) https://t.co/pZSIb1T4W1 #Nessus https://www.tenable.com/plugins/nessus/173533 | SecurityNewsbot
2023-03-27 17:22:55 | CVE-2023-25690 : #Apache HTTP Server Request Smuggling Vulnerability (Apache HTTP Server 2.4.0 > 2.4.55 / 56) Cert… https://t.co/bdSxDKN4Sg https://twitter.com/i/web/status/1640402658363334657 | cyberkendra
2023-03-25 16:10:57 | 🕷CVE-2023-25690 : Apache HTTP Server 2.4.0 > 2.4.55 / 56 - HTTP Request Smuggling GET : https://t.co/RVNOM2qg8F… https://t.co/LMFFCYVPxB http://xz.aliyun.com/t/12345 https://twitter.com/i/web/status/1639660653760708608 | APTIRAN_
2023-03-24 05:03:44 | CVE-2023-25690 Apache HTTP Server request smuggling vulnerability: analysis and exploitation https://t.co/Q62sWiL813 https://t.co/Pn6BJ9VqH8 https://ift.tt/QJpRZqi https://ift.tt/tuKAysJ | buaqbot
2023-03-22 15:51:23 | Apache Patches HTTP Request Splitting Vulnerabilities in its HTTP Server (CVE-2023-25690 and CVE-2023-27522)… https://t.co/tALKjju6go https://twitter.com/i/web/status/1638568014214725635 | qualys
2023-03-22 06:20:17 | The cause is that 2.4.56, which includes a mod_rewrite fix for CVE-2023-25690, was released, and existing systems are breaking all over the place on auto-updated servers... | kawaz
2023-03-17 13:21:25 | IBM HTTP Server is vulnerable to HTTP request splitting due to the included Apache HTTP Server (CVE-2023-25690 CVSS… https://t.co/Iazq3Pbqyj https://twitter.com/i/web/status/1636714015496839176 | knaepp
2023-03-15 19:08:49 | IBM HTTP Server is vulnerable to HTTP request splitting due to the included Apache HTTP Server (CVE-2023-25690) https://t.co/Fzty6VdX7C https://tinyurl.com/2om9uxcy | knaepp
2023-03-15 09:05:39 | 🔴APACHE🔴 Multiple high-severity vulnerabilities in APACHE products: CVE-2023-27522,CVE-2023-25690,CVE-2023… https://t.co/ziyeMXW1w4 https://twitter.com/i/web/status/1635927621409153024 | GrupoICA_Ciber
2023-03-14 17:47:27 | New post from https://t.co/uXvPWJy6tj (CVE-2023-25690 (http_server)) has been published on https://t.co/xhz7wcpXdA http://www.sesin.at https://www.sesin.at/2023/03/14/cve-2023-25690-http_server/ | WolfgangSesin
2023-03-14 17:46:16 | New post from https://t.co/9KYxtdZjkl (CVE-2023-25690 (http_server)) has been published on https://t.co/GUNl68LD3V http://www.sesin.at https://www.sesin.at/2023/03/14/cve-2023-25690-http_server/ | www_sesin_at
2023-03-14 16:06:44 | 🚨 NEW: CVE-2023-25690 🚨 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a H… https://t.co/Lp4wKJqu7O https://twitter.com/i/web/status/1635671356023898112 | threatintelctr
2023-03-14 11:06:02 | OPENBSD_7_2 giovanni@ changed www/apache-httpd: update to 2.4.56 fixes CVE-2023-27522 and CVE-2023-25690 | OpenBSD_ports
2023-03-14 11:04:40 | OPENBSD_7_2 giovanni@ changed www/apache-httpd: update to 2.4.56 fixes CVE-2023-27522 and CVE-2023-25690 | OpenBSD_stable
2023-03-10 14:08:26 | Apache <2.4.56 is vulnerable to request splitting in mod_rewrite and mod_proxy #CVE-2023-25690… https://t.co/nL7137WpF0 https://twitter.com/i/web/status/1634188122559741953 | PortSwiggerRes
2023-03-09 15:14:41 | Apache users following my reverse proxy tutorial on netnea are affected by the Apache vulnerability CVE-2023-25690… https://t.co/uDQqOWkKrx https://twitter.com/i/web/status/1633846448998731784 | ChrFolini
2023-03-08 23:12:04 | CVE-2023-25690 https://t.co/6WgwpsV5jx #HarsiaInfo https://har-sia.info/CVE-2023-25690.html | Har_sia
2023-03-08 14:32:53 | Apache HTTP Server fixes two HTTP request splitting (CVE-2022-27522 & CVE-2023-25690) flaws - https://t.co/WgxseWqARR https://securityonline.info/cve-2022-27522-cve-2023-25690-apache-http-server-vulnerability/ | moton
2023-03-08 11:01:01 | CVE-2023-25690 Apache HTTP Server HTTP Request Smuggling, Specific configurations can bypass ACLs https://t.co/96wqzgltQ1 | 1uan1uan
2023-03-08 10:23:49 | "Apache HTTP Server fixes two HTTP request splitting (CVE-2022-27522 & CVE-2023-25690) flaws" via Penetration Testi… https://t.co/6ZRPqEUl2y https://twitter.com/i/web/status/1633412079565651968 | lucianot54
2023-03-08 09:33:47 | Updated the SIOS Security Blog. Apache HTTP Server vulnerability information (Important: CVE-2023-25690, Moderate: CVE-2023-27522) and Apache HTTP S… https://t.co/dH8P0RuvNF https://twitter.com/i/web/status/1633394920504565761 | omokazuki
2023-03-08 08:13:16 | I skipped 2.4.54 and 55 because they involved modules I don't use, but this time it's mod_rewrite, so I have to do it. CVE-2023-25690 | qphtwt
2023-03-08 02:51:53 | Apache HTTP Server fixes two HTTP request splitting (CVE-2022-27522 & CVE-2023-25690) flaws https://t.co/AvQHdUw8I8… https://t.co/7xy8QozuJt https://securityonline.info/cve-2022-27522-cve-2023-25690-apache-http-server-vulnerability/ https://twitter.com/i/web/status/1633298580944351233 | the_yellow_fall
2023-03-08 02:50:37 | Apache HTTP Server fixes two HTTP request splitting (CVE-2022-27522 & CVE-2023-25690) flaws https://t.co/GT3DqnEM5l… https://t.co/BWSaqJU0Rt http://dlvr.it/SkXN5d https://twitter.com/i/web/status/1633298887632093184 | AcooEdi
2023-03-07 20:53:32 | New post from https://t.co/uXvPWJy6tj (CVE-2023-25690 | Apache HTTP Server up to 2.4.55 mod_proxy request smuggling… https://t.co/CLxPlTxdML http://www.sesin.at https://twitter.com/i/web/status/1633203463801692163 | WolfgangSesin
2023-03-07 20:53:26 | New post from https://t.co/9KYxtdZjkl (CVE-2023-25690 | Apache HTTP Server up to 2.4.55 mod_proxy request smuggling… https://t.co/1YTUwu4i20 http://www.sesin.at https://twitter.com/i/web/status/1633203469472395265 | www_sesin_at
2023-03-07 20:10:50 | I declare CVE-2023-25690 to be named Ossified Rebab https://t.co/HIHvGvZemB https://nvd.nist.gov/vuln/detail/CVE-2023-25690 | vulnonym
2023-03-07 18:39:33 | CVE-2023-25690 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Requ… https://t.co/mxfdG9X2s4 https://twitter.com/i/web/status/1633160678428278784 | VulmonFeeds
2023-03-07 18:17:57 | New post from https://t.co/uXvPWJy6tj (CVE-2023-25690) has been published on https://t.co/BdkhXNOJ9U http://www.sesin.at https://www.sesin.at/2023/03/07/cve-2023-25690/ | WolfgangSesin
2023-03-07 18:16:45 | New post from https://t.co/9KYxtdZjkl (CVE-2023-25690) has been published on https://t.co/hrmvTLxC8o http://www.sesin.at https://www.sesin.at/2023/03/07/cve-2023-25690/ | www_sesin_at
2023-03-07 17:45:15 | CVE-2023-25690: Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy: Posted by Eric Covener o… https://t.co/PgPkS2C4QT https://twitter.com/i/web/status/1633153673244348416 | oss_security
2023-03-07 17:33:51 | CVE-2023-25690 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Reque… https://t.co/kedM2Zot4R https://twitter.com/i/web/status/1633157874259234816 | eyeTSystems
2023-03-07 16:52:54 | CVE-2023-25690 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Reque… https://t.co/B8NvHRez11 https://twitter.com/i/web/status/1633146850784997395 | CVEnew
2023-03-07 16:32:57 | 🚨 NEW: CVE-2023-25690 🚨 Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a H… https://t.co/ctPYHoF7Dc https://twitter.com/i/web/status/1633142189130760200 | threatintelctr
2023-03-07 16:10:33 | CVE-2023-25690 : Some mod_proxy configurations on #Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Re… https://t.co/tyRMevqs6U https://twitter.com/i/web/status/1633137260408307712 | CVEreport
2023-03-07 16:08:35 | giovanni@ changed www/apache-httpd: update to 2.4.56 fixes CVE-2023-27522 and CVE-2023-25690 | OpenBSD_ports