Reverse Proxy Bypass Vulnerability (CVE-2011-3368) Scanner

Stay Up To Date
Asset Type


Need Membership


Asset Verify


API Support


Estimate Time (Second)


Reverse Proxy Bypass Vulnerability (CVE-2011-3368) Scanner Detail

Vulnerability allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.

Scanner tests for the CVE-2011-3368 (Reverse Proxy Bypass) vulnerability in Apache HTTP server's reverse proxy mode. The script will run 3 tests:

  • the loopback test, with 3 payloads to handle different rewrite rules
  • the internal hosts test. According to Contextis, we expect a delay before a server error.
  • The external website test. This does not mean that you can reach a LAN ip, but this is a relevant issue anyway.

Some Advice for Common Problems

Upgrade your Apache to the latest version.

Need a Full Assessment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service