To view this information, a user only needs to add a specific string of characters to the end of the request. In other words, an attacker only needs to make a request with a specific string of characters to the targeted server. After receiving this request, the server will return the expected response. However, if the server receives the request with the specific string of characters, it will return a different response. As a result, if the server processes this request and returns the expected response, an attacker will receive a different response. This response may contain sensitive information.

The CVE-2022 is a simple HTTP POST request

Description: The CVE-2022 is a simple HTTP POST request that can be used to exploit various vulnerabilities. This vulnerability was discovered by AJ Oni, and it is commonly referred to as the "AJ Oni HTTP/0.9" vulnerability.
What's Happening: With this vulnerability, an attacker can modify the response of a server without any alerting mechanism or warning. An attacker can send a specific string of characters at the end of their request for the targeted server to return a different response that contains sensitive information.
Prevention and Mitigation: To prevent an attack from occurring, you should use HTTPS with your server software in order to ensure that the data is secure.

Vulnerability description:

A vulnerability in Apache Struts 2 could allow an attacker to execute code as the target user. In other words, if a victim visits a web page containing a malicious script, the attacker will be able to run code with the privileges of the victim.

Authorization Bypass

An authorization by-pass is a type of security vulnerability found in websites and web services that allows attackers to access resources without having the required authorizations. This can be done through an attack that manipulates the user's credentials to allow access to restricted resources or it can be done through an attack that uses a malicious client software running on the user's computer to avoid normal security restrictions.
This vulnerability is often seen as a form of SQL injection, but there are subtle differences. Although this type of attack requires some knowledge of programming, it is not technically considered to be an SQL injection. This vulnerability often targets login data, such as username and password information, but can also target other sensitive data. An authorization by-pass occurs when the attacker submits a request with one set of characters at the end but receives a different response than expected.

CVE-2022-39012

This vulnerability was discovered by Oleksandr Mialchyk. If a server responds to an attacker's request with the expected response, it will be vulnerable to CVE-2022-39012.
When a server processes a request and returns the expected response, an attacker will receive a different response. This response may contain sensitive information.
An attacker would use this vulnerability to submit a malicious request to the targeted server and steal sensitive information that is meant for other users.

Timeline

Published on: 10/14/2022 16:15:00 UTC
Last modified on: 10/18/2022 17:37:00 UTC

References