$Vulnerability: ModSecurity File Uploads '\0' Byte Handling Issue$

Vulnerability: ModSecurity File Uploads '\0' Byte Handling Issue

CVE-2023-24021 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection.

Learn more about our Web App Pen Testing.