HTTP/2 Zero-Day Exploited for the Most Explosive DDoS Attacks
HTTP/2 Zero-Day Exploited for the Most Explosive DDoS Attacks
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
A zero-day vulnerability in HTTP/2 has been actively exploited in August, introducing a novel DDoS technique referred as “Rapid Reset”. The attack, utilizing CVE-2023-44487, exploits a vulnerability within the HTTP/2 protocol and enables remote attackers to carry out a denial of service (DoS) attack.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.