Apache mod_rewrite Vulnerability: Bypassing RewriteRules via Extra Slash Characters

Apache mod_rewrite Vulnerability: Bypassing RewriteRules via Extra Slash Characters

CVE-2001-1072 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail.

Learn more about our Web Application Penetration Testing UK.