Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2021-4226

Description

RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented.

POC

Reference

- https://wpscan.com/vulnerability/c0ed80c8-ebbf-4ed9-b02f-31660097c352

Github

- https://github.com/20142995/nuclei-templates