Improper handling of HTTP/2 sessions can lead to memory being read after it has been freed.
A typical Nmap scan to confirm presence: apache httpd 2.4.18 exploit
There is no known public remote code execution exploit against a default, fully-patched Apache 2.4.18 as distributed by a major vendor after 2016. Improper handling of HTTP/2 sessions can lead to
Because this version falls within the 2.4.17 to 2.4.38 range , it is susceptible to several high-impact exploits, most notably in local privilege escalation and memory handling. 1. Local Privilege Escalation (CVE-2019-0211) apache httpd 2.4.18 exploit
# Example usage exploit("192.168.1.100", 80)