Request a Demo
Rewterz
Rewterz Threat Advisory – CVE-2020-9490 – Apache HTTP Server denial of service
August 11, 2020
Rewterz
Rewterz Threat Alert – Fake Security Advisory used in cPanel Phishing Attack
August 11, 2020

Rewterz Threat Advisory – CVE-2020-11985 – Apache HTTP Server spoofing

Severity

Medium

Analysis Summary

Apache Apache HTTP Server could allow a remote attacker to conduct spoofing attacks, caused by a flaw when using proxying with mod_remoteip and certain mod_rewrite rules. By sending a specially-crafted request, an attacker could exploit this vulnerability to spoof IP address for logging and PHP scripts.

Impact

Server spoofing

Affected Vendors

Apache

Affected Products

Apache HTTP Server

Remediation

Upgrade to the latest version of Apache HTTP Server (2.4.25 or later).