An attacker can exploit this information to determine the target of the vulnerable application. An attacker can send malicious requests to the application with a valid Host header. The request URL is relevant information for determining the target of the attack.
CVE-2017-7404: Cobalt Strike 5.0 and below supports an HTTP(S) listener type that does not determine whether the request URL begins with "/".
CVE-2017-7403: In Cobalt Strike 5.0 and below, the HTTP listener does not detect requests that specify the URL.
CVE-2017-7402: In Cobalt Strike 5.0 and below, the HTTP listener does not detect requests with a Host header.
CVE-2017-7401: In Cobalt Strike 5.0 and below, the HTTP listener does not detect requests with a Host header.
CVE-2017-7400: In Cobalt Strike 5.0 and below, the HTTP listener does not detect requests with a Host header.
CVE-2017-7299: In Cobalt Strike 5.0 and below, the HTTP listener does not detect requests with a Host header.
CVE-2017-7298: In Cobalt Strike 5.0 and below, the HTTP listener does not detect requests with a Host header.
CVE-2017-7297: In Cobalt Strike 5.0 and below, the HTTP listener does not detect requests with a Host header.
CVE-2017
Summary
In Cobalt Strike 5.0 and below, the HTTP listener does not detect requests with a Host header.
Timeline
Published on: 02/15/2022 13:15:00 UTC
Last modified on: 02/23/2022 19:19:00 UTC