MINI-4X62-9H8H-MCMP

Bulletin has no description...

CVE-2026-3234 Mod_proxy_cluster: mod_proxy_cluster: response body corruption via crlf injection

A flaw was found in modproxycluster. This vulnerability, a Carriage Return Line Feed CRLF injection in the decodeenc function, allows a remote attacker to bypass input validation. By injecting CRLF sequences into the cluster configuration, an attacker can corrupt the response body of INFO endpoin...

CVE-2026-3234

CVE-2026-3234 affects mod_proxy_cluster. A CRLF injection in the decodeenc() function allows a remote attacker to bypass input validation and corrupt the INFO endpoint responses by injecting CRLF sequences into the cluster configuration. Exploitation requires network access to the MCMP protocol p...

CVE-2026-3234 Mod_proxy_cluster: mod_proxy_cluster: response body corruption via crlf injection

A flaw was found in modproxycluster. This vulnerability, a Carriage Return Line Feed CRLF injection in the decodeenc function, allows a remote attacker to bypass input validation. By injecting CRLF sequences into the cluster configuration, an attacker can corrupt the response body of INFO endpoin...

EUVD-2016-4163

Malware in sbrugna...

RLSA-2025:9434 Moderate: mod_proxy_cluster security update

The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster: modproxycluster unauthorized MCMP requests CVE-2024-10306 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

RHEL 9 : mod_proxy_cluster (RHSA-2025:9434)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9434 advisory. The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster:...

Moderate: Red Hat Security Advisory: mod_proxy_cluster security update

An update for modproxycluster is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

mod_proxy_cluster: mod_proxy_cluster unauthorized MCMP requests

A vulnerability was found in modproxycluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as Require ip IPADDRESS would suggest. This means that anyone with access to the host might send MCMP requests that may result in...

ALSA-2025:9434 Moderate: mod_proxy_cluster security update

The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: modproxycluster: modproxycluster unauthorized MCMP requests CVE-2024-10306 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

CVE-2024-10306

A vulnerability was found in modproxycluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as Require ip IPADDRESS would suggest. This means that anyone with access to the host might send MCMP requests that may result in...

CVE-2024-10306 Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests

A vulnerability was found in modproxycluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as Require ip IPADDRESS would suggest. This means that anyone with access to the host might send MCMP requests that may result in...

CVE-2024-10306 Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests

A vulnerability was found in modproxycluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as Require ip IPADDRESS would suggest. This means that anyone with access to the host might send MCMP requests that may result in...

CVE-2024-10306

CVE-2024-10306 affects the mod_proxy_cluster module (Apache HTTP Server). The issue arises because the Directory directive does not enforce access restrictions as strongly as the Location directive, enabling unauthorized MCMP requests that could add/remove/update balancer nodes. Public exploit de...

PT-2025-17610 · Unknown +2 · Mod Proxy Cluster +2

Name of the Vulnerable Software and Affected Versions: mod proxy cluster affected versions not specified Description: A vulnerability was found in mod proxy cluster, where the directive does not restrict IP/host access as Require ip IP ADDRESS would suggest, allowing anyone with access to the hos...

mod_cluster Denial of Service vulnerability

modcluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service Apache http server crash via an MCMP message containing a series of = equals characters after a legitimate element...

[SECURITY] Fedora 30 Update: mod_cluster-1.3.11-1.fc30

Modcluster is an httpd-based load balancer. Like modjk and modproxy, modcluster uses a communication channel to forward requests from httpd to one of a set of application server nodes. Unlike modjk and modproxy, modclus ter leverages an additional connection between the application server nodes a...

Cross-site Scripting (XSS)

modcluster is vulnerable to cross-site scripting XSS attacks. The vulnerability exists in the manager web interface in modcluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message...

CVE-2016-3110

modcluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service Apache http server crash via an MCMP message containing a series of = equals characters after a legitimate element...

CVE-2016-3110

modcluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service Apache http server crash via an MCMP message containing a series of = equals characters after a legitimate element...