
Apache fixes Traffic Control bug that attackers could exploit


Security teams should immediately patch the 9.9-rated vulnerability in the web content distribution platform.

The flaw — CVE-2024-45387 — lets attackers with privileged roles such as “admin” or “operations” inject malicious SQL commands through specially crafted PUT requests. “Exploiting this vulnerability could lead to unauthorized data access, modification, or deletion, severely impacting the integrity and availability of the content delivery network (CDN) services managed by Apache Traffic Control,” said Jason Soroko, senior fellow at Sectigo. Lawrence Pingree, vice president at Dispersive, added that this hack demonstrates a method for letting the hacker directly access an SQL database.
