Apache – CVE-2020-11985

Home » Blog » Apache – CVE-2020-11985

Description

Kayran has detected that the Version of Apache HTTP Server being used is vulnerable to Insufficient Verification of Data Authenticity (CWE-345). Also known as CVE-2020-11985.

By abusing configurations that use proxying with mod_remoteip and certain mod_rewrite rules, attackers could spoof their IP address for logging and PHP scripts.

There’s a chance that this vulnerability will allow attackers to modify system files and information.

Recommendation

To fix CVE-2020-11985, upgrade the version of Apache HTTP Server being used to 2.4.25 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-11985

https://cwe.mitre.org/data/definitions/345.html

< Return to all Vulnerabilities

Networking? – Social Engineering

In our time, we know that socializing has a very high importance and that every person (almost) has a basic need to maintain certain “connection”

Horror Movie Villains – Common Malwares

In the field of Information Security (or, Cyber Security), there are many things we need to deal with. Just like the Horror Movie Villains we

Your SQL got the I(njection)

We’ve talked about it before right? or am i the only one having a Deja-Vu? Or an SQL Injection? No on likes doctors, or needles,

Terms and Topics in Cybersecurity that you should know

The Cybersecurity field is one of the fields that has been growing rapidly and steadily in recent years, as the demand for it grew more

The Dark Web

Let’s talk about the darker and more mysterious side of the internet, also known as The Dark Web. You’ve probably heard about it, whether it’s

SPA vs. MPA – the tale of Single and Multi-Page Applications

At some point in your life you must have asked, what is a SPA? and, of course, what are the differences between SPA and MPA?

WEB APPLICATION VULNERABILITY SCANNER