Security Advisory

CVE-2023-24021

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-20 00:00:00
Last updated 2025-04-02 16:18:27
Assigner mitre
State PUBLISHED

Description

Incorrect handling of 0 bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection.