National Cyber Warfare Foundation (NCWF)

New ModSecurity WAF Vulnerability Enables Attackers to Crash Systems


0 user ratings
2025-06-03 09:33:23
milo
Red Team (CNA)

A high-severity denial-of-service (DoS) vulnerability (CVE-2025-48866) has been identified in ModSecurity’s Apache module (mod_security2), threatening web application firewall stability. Rated 7.5/10 on the CVSS scale, this flaw enables attackers to crash servers by exploiting argument sanitization logic, with patches now available in version 2.9.10. Sanitisation Logic Flaw The vulnerability stems from ModSecurity’s sanitiseArg action, designed […]


The post New ModSecurity WAF Vulnerability Enables Attackers to Crash Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Anupriya

Source: gbHackers
Source Link: https://gbhackers.com/modsecurity-waf-vulnerability/


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Red Team (CNA)



Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.