Apache – CVE-2020-11985


Kayran has detected that the Version of Apache HTTP Server being used is vulnerable to Insufficient Verification of Data Authenticity (CWE-345). Also known as CVE-2020-11985.

By abusing configurations that use proxying with mod_remoteip and certain mod_rewrite rules, attackers could spoof their IP address for logging and PHP scripts.

There’s a chance that this vulnerability will allow attackers to modify system files and information.


To fix CVE-2020-11985, upgrade the version of Apache HTTP Server being used to 2.4.25 or higher.




< Return to all Vulnerabilities

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »