ou can verify the vulnerability by executing attached POC.
python CVE_2017_7529.py https://publishers.basicattentiontoken.org/favicon.ico
command.
All details available at
https://nvd.nist.gov/vuln/detail/CVE-2017-7529
https://gist.github.com/thehappydinoa/bc3278aea845b4f578362e9363c51115
Please do the needful.
The POC demonstrates working exploint.
In the exploit function the script ‘determines’ if the server is vulnerable based on the response. Specifically in determining if the vulnerability exists, the script sends a request with some calculated “Range” value, based on the response content. More specifically, it tries to get the byte range from 623 bytes after the full content until the last (very high number) bytes.