Tag

Httpproxy

2 briefs RSS

OpenCanary HTTPPROXY Login Attempt Detection

Detection of attempted HTTP proxy use on an OpenCanary node, indicating potential reconnaissance or lateral movement by an attacker attempting to proxy another page.

OpenCanary honeypot httpproxy lateral-movement

2r 1t Oct 26, 2024

high advisory

Contour HTTPProxy Lua Code Injection via Cookie Path Rewrite

2 rules 3 TTPs

Contour's Cookie Rewriting feature is vulnerable to Lua code injection; an attacker with RBAC permissions to create or modify HTTPProxy resources can craft a malicious value in the `spec.routes[].cookieRewritePolicies[].pathRewrite.value` or `spec.routes[].services[].cookieRewritePolicies[].pathRewrite.value` fields, resulting in arbitrary code execution in the Envoy proxy.

Contour lua code-injection httpproxy cve-2026-41246

2r 3t Jan 9, 2024