Apache HTTP Server
Moderate fix1 remedy
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*
Moderate fix1 remedy
- >= 2.4.0, <= 2.4.65
Apache HTTP Server Server-Side Request Forgery Vulnerability on Windows Allowing NTLM Hash Leakage
Vulnerability
Patched
A Server-Side Request Forgery (SSRF) vulnerability has been identified in Apache HTTP Server on Windows systems. The issue arises when 'AllowEncodedSlashes' is enabled and 'MergeSlashes' is disabled. This vulnerability allows the potential leakage of NTLM hashes to a malicious server through crafted requests or content. The flaw is present in Apache HTTP Server versions 2.4.0 prior to 2.4.66.
Impact
Exploitation of this vulnerability could lead to unauthorized NTLM hash leakage, which could be used in NTLM relay attacks.
Reproduction
To reproduce this vulnerability, configure Apache HTTP Server on a Windows system with 'AllowEncodedSlashes' set to 'On' and 'MergeSlashes' set to 'Off'. Then, send a request that exploits the SSRF vulnerability by directing it to a server that can capture NTLM hashes.
Remediation
Users are advised to upgrade to Apache HTTP Server version 2.4.66, which addresses this vulnerability.
Added: Dec 5, 2025, 11:19 AM
Updated: Dec 5, 2025, 11:19 AM
Vulnerability Rating
Custom Algorithm
spread
9.4impact
2.5exploitability
7.9remediation
7.7relevance
1.3threat
1.6urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.