Share
## https://sploitus.com/exploit?id=B0A9E5E8-7CCC-5984-9922-A89F11D6BF38
# CVE-2024-27316

I decided to call this vulnerability specifically "CVE-2024-27316" since I have tested it against this vulnerability. The underlying flaw effects other CVEs so I thought I'd mention those with the hope that others could test and modify this PoC :)

This PoC currently only works against unencrypted http/2 servers.

Sources:
- [https://www.kb.cert.org/vuls/id/421644](https://www.kb.cert.org/vuls/id/421644)

## Running

Building:

```bash
go build
```

Running

```bash
./cve-2024-27316 -t 127.0.0.1:80 -p http -i 8192
./cve-2024-27316 -t 127.0.0.1:443 -p https -i 8192
```