Description
The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.
Remediation
References
Related Vulnerabilities
ownCloud Improper Input Validation Vulnerability (CVE-2015-7699)
SharePoint CVE-2023-21716 Vulnerability (CVE-2023-21716)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-2853)
WordPress Plugin VaultPress Man-in-The-Middle (MiTM) Remote Code Execution (1.8.6)
WordPress Plugin Gmedia Photo Gallery Arbitrary File Upload (1.2.1)