While Using http mod_cgi with Python, Go, PHP [HTTPoxy] Request redirected to attackers controlled proxy

  • If attackers request using your CGI script open an outgoing network connection than this can be redirected to attackers controlled proxy. This can lead to denial of service and potentially occurs while using httpd mod_cgi
  • This issue can be resolved via mod_header in httpd configuration.

RequestHeader unset Proxy early

Leave a Reply

Your email address will not be published. Required fields are marked *